PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Please check my log - slow laptop
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved. The same applies to those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello everyone, please check the attached log - the laptop is no rocket, it is used purely for administrative work. Nevertheless, given that it is less than 2 years old, I would expect a somewhat faster response after all. The OS start-up is also truly snail-like at times. Thank you very much if someone finds the time...
Logfile of random's system information tool 1.10 (written by random/random)
Run by jiriw at 2021-05-15 19:31:29
Microsoft Windows 10 Home
System drive C: has 418 GB (88%) free of 476 GB
Total RAM: 3982 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:31:39, on 15.05.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
C:\Users\jiriw\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files\trend micro\jiriw.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp17win10.msn.com/?pc=HCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hp17win10.msn.com/?pc=HCTE
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.62\BHO\ie_to_edge_bho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKCU\..\Run: [OneDrive] "C:\Users\jiriw\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\jiriw\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKCU\..\Run: [f.lux] "C:\Users\jiriw\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\c0342174.inf_amd64_8d1532c19168217b\B342118\atiesrxx.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_67973 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem50.inf,%ServiceAppHelperDesc%;HP App Helper HSA Service (HPAppHelperCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\AppHelperCap.exe
O23 - Service: @oem50.inf,%ServiceDiagsDesc%;HP Diagnostics HSA Service (HPDiagsCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\DiagsCap.exe
O23 - Service: @oem50.inf,%ServiceNetworkDesc%;HP Network HSA Service (HPNetworkCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\NetworkCap.exe
O23 - Service: @oem50.inf,%ServiceSysInfoDesc%;HP System Info HSA Service (HPSysInfoCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\SysInfoCap.exe
O23 - Service: @oem51.inf,%hpanalyticscomp%;HP Analytics service (HpTouchpointAnalyticsService) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointAnalyticsClientService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Panda VPN Service - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Panda Elam Service Protection (pselamsvc) - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @oem15.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\WINDOWS\RtkBtManServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @oem4.inf,%SynTPEnhService.SVCDESC%;SynTPEnhService (SynTPEnhService) - Unknown owner - C:\WINDOWS\System32\SynTPEnhService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11065 bytes
======Listing Processes======
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s bthserv
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\AppHelperCap.exe
C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\DiagsCap.exe
C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\NetworkCap.exe
C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\SysInfoCap.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointAnalyticsClientService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\System32\SynTPEnhService.exe
C:\WINDOWS\System32\DriverStore\FileRepository\c0342174.inf_amd64_8d1532c19168217b\B342118\atiesrxx.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
atieclxx
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\WLANExt.exe 2626287397760
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe"
"C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\RtkBtManServ.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k netsvcs
sihost.exe
"C:\WINDOWS\System32\SynTPEnh.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k BthAppGroup -p -s BluetoothUserService
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
schtasks /change /TN "AMDLinkUpdate" /TR "\"C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe\" -AMDLinkUpdate"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe"
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21042.95.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe"
"C:\Program Files\AMD\CNext\CNext\amdow.exe" 4808
"C:\Users\jiriw\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\rundll32.exe" -localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe" -ServerName:microsoft.windowslive.mail.AppXfbjsbkxvprcgqg6q4c9jfr0pn3kv9x5s.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
dashost.exe {3f3f6be5-ff56-445e-be710ea4d27b2028}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\WINDOWS\system32\AUDIODG.EXE 0x4f0
"C:\WINDOWS\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\BridgeCommunication.exe" 5d8ee695-2684-4d45-883d-71e80c19f021 Global\2aba4625-c70b-4358-947d-403cbe29ff83 1612
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\jiriw\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\jiriw\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=90.0.4430.212 --initial-client-data=0xf0,0xf4,0xf8,0xc8,0xfc,0x7ffadd5a2920,0x7ffadd5a2930,0x7ffadd5a2940
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1716 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=1984 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=2408 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=6468 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4268 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
C:\WINDOWS\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8976 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 800 804 812 8192 808 784
"C:\Users\jiriw\Downloads\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.62\BHO\ie_to_edge_bho_64.dll [2021-05-13 550792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.62\BHO\ie_to_edge_bho.dll [2021-05-13 409984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2020-04-24 11235928]
"RtlS5Wake"=C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2018-04-18 2097600]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\jiriw\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-03-22 1579368]
"com.squirrel.Teams.Teams"=C:\Users\jiriw\AppData\Local\Microsoft\Teams\Update.exe [2021-04-18 2453728]
"f.lux"=C:\Users\jiriw\AppData\Local\FluxSoftware\Flux\flux.exe [2021-02-04 1511824]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2021-04-22 33698888]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"PSUAMain"=C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [2020-12-02 168456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NanoServiceMain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSUAService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"MaxGPOScriptWait"=600
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2021-05-15 19:31:30 ----D---- C:\Program Files\trend micro
2021-05-15 19:31:29 ----D---- C:\rsit
2021-05-15 07:09:59 ----A---- C:\WINDOWS\system32\wbadmin.exe
2021-05-15 07:09:59 ----A---- C:\WINDOWS\system32\msrahc.dll
2021-05-15 07:09:54 ----A---- C:\WINDOWS\system32\WalletService.dll
2021-05-15 07:09:49 ----A---- C:\WINDOWS\SYSWOW64\quickassist.exe
2021-05-15 07:09:49 ----A---- C:\WINDOWS\system32\quickassist.exe
2021-05-15 07:09:48 ----A---- C:\WINDOWS\system32\libcrypto.dll
2021-05-15 07:09:32 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2021-05-15 07:09:32 ----A---- C:\WINDOWS\SYSWOW64\mfh264enc.dll
2021-05-15 07:09:32 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2021-05-15 07:09:31 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2021-05-15 07:09:31 ----A---- C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2021-05-15 07:09:31 ----A---- C:\WINDOWS\system32\HoloSI.PCShell.dll
2021-05-15 07:09:31 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2021-05-15 07:09:28 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2021-05-15 07:09:27 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2021-05-15 07:09:26 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2021-05-15 07:09:26 ----A---- C:\WINDOWS\system32\mfps.dll
2021-05-15 07:09:26 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2021-05-15 07:09:26 ----A---- C:\WINDOWS\system32\mfh264enc.dll
2021-05-15 07:09:26 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2021-05-15 07:09:25 ----A---- C:\WINDOWS\system32\mfcore.dll
2021-05-15 07:09:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2021-05-15 07:09:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2021-05-15 07:09:23 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2021-05-15 07:09:23 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2021-05-15 07:09:23 ----A---- C:\WINDOWS\SYSWOW64\remotepg.dll
2021-05-15 07:09:23 ----A---- C:\WINDOWS\SYSWOW64\rdvvmtransport.dll
2021-05-15 07:09:23 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2021-05-15 07:09:22 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2021-05-15 07:09:22 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2021-05-15 07:09:22 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2021-05-15 07:09:22 ----A---- C:\WINDOWS\SYSWOW64\FrameServerClient.dll
2021-05-15 07:09:21 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2021-05-15 07:09:21 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2021-05-15 07:09:21 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2021-05-15 07:09:21 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2021-05-15 07:09:21 ----A---- C:\WINDOWS\SYSWOW64\CheckNetIsolation.exe
2021-05-15 07:09:21 ----A---- C:\WINDOWS\SYSWOW64\fwcfg.dll
2021-05-15 07:09:21 ----A---- C:\WINDOWS\SYSWOW64\authfwcfg.dll
2021-05-15 07:09:20 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2021-05-15 07:09:20 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2021-05-15 07:09:20 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2021-05-15 07:09:18 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2021-05-15 07:09:18 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2021-05-15 07:09:17 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2021-05-15 07:09:15 ----A---- C:\WINDOWS\SYSWOW64\smphost.dll
2021-05-15 07:09:15 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2021-05-15 07:09:15 ----A---- C:\WINDOWS\SYSWOW64\nshhttp.dll
2021-05-15 07:09:15 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2021-05-15 07:09:15 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2021-05-15 07:09:15 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2021-05-15 07:09:15 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2021-05-15 07:09:14 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2021-05-15 07:09:12 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2021-05-15 07:09:12 ----A---- C:\WINDOWS\system32\Spectrum.exe
2021-05-15 07:09:12 ----A---- C:\WINDOWS\system32\dsregcmd.exe
2021-05-15 07:09:11 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2021-05-15 07:09:11 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2021-05-15 07:09:11 ----A---- C:\WINDOWS\system32\rdvvmtransport.dll
2021-05-15 07:09:10 ----A---- C:\WINDOWS\system32\tsgqec.dll
2021-05-15 07:09:10 ----A---- C:\WINDOWS\system32\termsrv.dll
2021-05-15 07:09:10 ----A---- C:\WINDOWS\system32\SessEnv.dll
2021-05-15 07:09:10 ----A---- C:\WINDOWS\system32\remotepg.dll
2021-05-15 07:09:10 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\wsp_health.dll
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\mstscax.dll
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\FsIso.exe
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\FrameServerClient.dll
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\FrameServer.dll
2021-05-15 07:09:08 ----A---- C:\WINDOWS\system32\reseteng.dll
2021-05-15 07:09:08 ----A---- C:\WINDOWS\system32\nshwfp.dll
2021-05-15 07:09:08 ----A---- C:\WINDOWS\system32\CheckNetIsolation.exe
2021-05-15 07:09:08 ----A---- C:\WINDOWS\system32\fwcfg.dll
2021-05-15 07:09:08 ----A---- C:\WINDOWS\system32\authfwcfg.dll
2021-05-15 07:09:07 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2021-05-15 07:09:07 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2021-05-15 07:09:06 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2021-05-15 07:09:06 ----A---- C:\WINDOWS\system32\ieframe.dll
2021-05-15 07:09:05 ----A---- C:\WINDOWS\system32\jscript9.dll
2021-05-15 07:09:04 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2021-05-15 07:09:04 ----A---- C:\WINDOWS\system32\Chakra.dll
2021-05-15 07:09:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2021-05-15 07:09:01 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2021-05-15 07:09:01 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2021-05-15 07:08:58 ----A---- C:\WINDOWS\system32\smphost.dll
2021-05-15 07:08:58 ----A---- C:\WINDOWS\system32\nshhttp.dll
2021-05-15 07:08:58 ----A---- C:\WINDOWS\system32\jscript.dll
2021-05-15 07:08:58 ----A---- C:\WINDOWS\system32\edgehtml.dll
2021-05-15 07:08:58 ----A---- C:\WINDOWS\system32\drivers\EhStorClass.sys
2021-05-15 07:08:58 ----A---- C:\WINDOWS\system32\DispBroker.Desktop.dll
2021-05-15 07:08:57 ----A---- C:\WINDOWS\system32\spaceman.exe
2021-05-15 07:08:57 ----A---- C:\WINDOWS\system32\mispace.dll
2021-05-15 07:08:56 ----A---- C:\WINDOWS\system32\Windows.Internal.PlatformExtension.MiracastBannerExperience.dll
2021-05-15 07:08:56 ----A---- C:\WINDOWS\system32\storagewmi.dll
2021-05-15 07:08:46 ----A---- C:\WINDOWS\system32\resutils.dll
2021-05-15 07:08:46 ----A---- C:\WINDOWS\system32\clusapi.dll
2021-05-15 07:08:46 ----A---- C:\WINDOWS\system32\CIDiag.exe
2021-05-15 07:08:45 ----A---- C:\WINDOWS\system32\tcbloader.dll
2021-05-15 07:08:45 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2021-05-15 07:08:45 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2021-05-15 07:08:44 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2021-05-15 07:08:44 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2021-05-15 07:08:44 ----A---- C:\WINDOWS\system32\hvloader.dll
2021-05-15 07:08:44 ----A---- C:\WINDOWS\system32\hvix64.exe
2021-05-15 07:08:44 ----A---- C:\WINDOWS\system32\hvax64.exe
2021-05-15 07:08:44 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\rtm.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\mprdim.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\iprtrmgr.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\iprtprio.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\fphc.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\drvstore.dll
2021-05-15 07:08:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2021-05-15 07:08:41 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2021-05-15 07:08:41 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2021-05-15 07:08:41 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2021-05-15 07:08:41 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\winipsec.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\polstore.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\nshipsec.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\httpapi.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\FwRemoteSvr.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\DMAppsRes.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\dabapi.dll
2021-05-15 07:08:39 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2021-05-15 07:08:39 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2021-05-15 07:08:39 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2021-05-15 07:08:39 ----A---- C:\WINDOWS\SYSWOW64\PCShellCommonProxyStub.dll
2021-05-15 07:08:39 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2021-05-15 07:08:39 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2021-05-15 07:08:39 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2021-05-15 07:08:38 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2021-05-15 07:08:38 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2021-05-15 07:08:38 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2021-05-15 07:08:38 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2021-05-15 07:08:38 ----A---- C:\WINDOWS\SYSWOW64\mskeyprotect.dll
2021-05-15 07:08:38 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2021-05-15 07:08:37 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2021-05-15 07:08:36 ----A---- C:\WINDOWS\SYSWOW64\wfapigp.dll
2021-05-15 07:08:36 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2021-05-15 07:08:36 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2021-05-15 07:08:36 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2021-05-15 07:08:36 ----A---- C:\WINDOWS\SYSWOW64\fwbase.dll
2021-05-15 07:08:36 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2021-05-15 07:08:35 ----A---- C:\WINDOWS\SYSWOW64\WordBreakers.dll
2021-05-15 07:08:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2021-05-15 07:08:35 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2021-05-15 07:08:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2021-05-15 07:08:35 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2021-05-15 07:08:35 ----A---- C:\WINDOWS\SYSWOW64\EditBufferTestHook.dll
2021-05-15 07:08:34 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.Ngc.dll
2021-05-15 07:08:34 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2021-05-15 07:08:34 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2021-05-15 07:08:34 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2021-05-15 07:08:34 ----A---- C:\WINDOWS\SYSWOW64\dsregtask.dll
2021-05-15 07:08:34 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2021-05-15 07:08:33 ----A---- C:\WINDOWS\SYSWOW64\SystemEventsBrokerClient.dll
2021-05-15 07:08:33 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2021-05-15 07:08:33 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2021-05-15 07:08:33 ----A---- C:\WINDOWS\SYSWOW64\aadauthhelper.dll
2021-05-15 07:08:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2021-05-15 07:08:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2021-05-15 07:08:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2021-05-15 07:08:29 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2021-05-15 07:08:29 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2021-05-15 07:08:29 ----A---- C:\WINDOWS\SYSWOW64\diskpart.exe
2021-05-15 07:08:28 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2021-05-15 07:08:28 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2021-05-15 07:08:27 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2021-05-15 07:08:26 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2021-05-15 07:08:26 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2021-05-15 07:08:25 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2021-05-15 07:08:24 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2021-05-15 07:08:24 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2021-05-15 07:08:24 ----A---- C:\WINDOWS\SYSWOW64\cmifw.dll
2021-05-15 07:08:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2021-05-15 07:08:23 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2021-05-15 07:08:23 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntime.dll
2021-05-15 07:08:23 ----A---- C:\WINDOWS\SYSWOW64\AarSvc.dll
2021-05-15 07:08:22 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntimewindows.dll
2021-05-15 07:08:22 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-15 07:08:16 ----A---- C:\WINDOWS\system32\shell32.dll
2021-05-15 07:08:16 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2021-05-15 07:08:15 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2021-05-15 07:08:15 ----A---- C:\WINDOWS\system32\vpnike.dll
2021-05-15 07:08:15 ----A---- C:\WINDOWS\system32\vbscript.dll
2021-05-15 07:08:15 ----A---- C:\WINDOWS\system32\rasmans.dll
2021-05-15 07:08:15 ----A---- C:\WINDOWS\system32\rasapi32.dll
2021-05-15 07:08:15 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2021-05-15 07:08:14 ----A---- C:\WINDOWS\system32\rtm.dll
2021-05-15 07:08:14 ----A---- C:\WINDOWS\system32\mprdim.dll
2021-05-15 07:08:14 ----A---- C:\WINDOWS\system32\mprddm.dll
2021-05-15 07:08:14 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2021-05-15 07:08:14 ----A---- C:\WINDOWS\system32\iprtprio.dll
2021-05-15 07:08:14 ----A---- C:\WINDOWS\system32\drivers\ipfltdrv.sys
2021-05-15 07:08:08 ----A---- C:\WINDOWS\system32\sppnp.dll
2021-05-15 07:08:08 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2021-05-15 07:08:08 ----A---- C:\WINDOWS\system32\fphc.dll
2021-05-15 07:08:08 ----A---- C:\WINDOWS\system32\drvstore.dll
2021-05-15 07:08:07 ----A---- C:\WINDOWS\system32\ubpm.dll
2021-05-15 07:08:07 ----A---- C:\WINDOWS\system32\taskschd.dll
2021-05-15 07:08:07 ----A---- C:\WINDOWS\system32\schedsvc.dll
2021-05-15 07:08:07 ----A---- C:\WINDOWS\system32\pnidui.dll
2021-05-15 07:08:07 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2021-05-15 07:08:06 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2021-05-15 07:08:06 ----A---- C:\WINDOWS\system32\LockController.dll
2021-05-15 07:08:06 ----A---- C:\WINDOWS\system32\drivers\scsiport.sys
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\winipsec.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\urlmon.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\polstore.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\nshipsec.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\msIso.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\IPSECSVC.DLL
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\iertutil.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\FwRemoteSvr.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\edgeIso.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\DMAppsRes.dll
2021-05-15 07:08:04 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2021-05-15 07:08:04 ----A---- C:\WINDOWS\system32\wkssvc.dll
2021-05-15 07:08:04 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2021-05-15 07:08:04 ----A---- C:\WINDOWS\system32\msctf.dll
2021-05-15 07:08:04 ----A---- C:\WINDOWS\system32\LogonController.dll
2021-05-15 07:08:04 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2021-05-15 07:08:04 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2021-05-15 07:08:03 ----A---- C:\WINDOWS\system32\KernelBase.dll
2021-05-15 07:08:03 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2021-05-15 07:08:03 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2021-05-15 07:08:03 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2021-05-15 07:08:02 ----A---- C:\WINDOWS\system32\smss.exe
2021-05-15 07:08:02 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2021-05-15 07:08:01 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\utcutil.dll
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\runexehelper.exe
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\ntdll.dll
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\hal.dll
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\diagnosticdataquery.dll
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\dabapi.dll
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\dab.dll
2021-05-15 07:07:59 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2021-05-15 07:07:59 ----A---- C:\WINDOWS\system32\oleaut32.dll
2021-05-15 07:07:59 ----A---- C:\WINDOWS\system32\httpapi.dll
2021-05-15 07:07:59 ----A---- C:\WINDOWS\system32\drivers\http.sys
2021-05-15 07:07:59 ----A---- C:\WINDOWS\system32\diagtrack.dll
2021-05-15 07:07:59 ----A---- C:\WINDOWS\system32\ci.dll
2021-05-15 07:07:58 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2021-05-15 07:07:58 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2021-05-15 07:07:57 ----A---- C:\WINDOWS\system32\wow64.dll
2021-05-15 07:07:57 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2021-05-15 07:07:57 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2021-05-15 07:07:57 ----A---- C:\WINDOWS\system32\conhost.exe
2021-05-15 07:07:56 ----A---- C:\WINDOWS\system32\wimserv.exe
2021-05-15 07:07:56 ----A---- C:\WINDOWS\system32\wimgapi.dll
2021-05-15 07:07:56 ----A---- C:\WINDOWS\system32\dwmcore.dll
2021-05-15 07:07:56 ----A---- C:\WINDOWS\system32\drivers\wimmount.sys
2021-05-15 07:07:55 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2021-05-15 07:07:55 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2021-05-15 07:07:54 ----A---- C:\WINDOWS\system32\refsutil.exe
2021-05-15 07:07:53 ----A---- C:\WINDOWS\system32\uReFS.dll
2021-05-15 07:07:53 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2021-05-15 07:07:53 ----A---- C:\WINDOWS\system32\cldapi.dll
2021-05-15 07:07:51 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2021-05-15 07:07:51 ----A---- C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2021-05-15 07:07:51 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2021-05-15 07:07:51 ----A---- C:\WINDOWS\system32\appraiser.dll
2021-05-15 07:07:51 ----A---- C:\WINDOWS\system32\acmigration.dll
2021-05-15 07:07:50 ----A---- C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2021-05-15 07:07:50 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2021-05-15 07:07:50 ----A---- C:\WINDOWS\system32\invagent.dll
2021-05-15 07:07:50 ----A---- C:\WINDOWS\system32\ConstraintIndex.Search.dll
2021-05-15 07:07:50 ----A---- C:\WINDOWS\system32\aeinv.dll
2021-05-15 07:07:49 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2021-05-15 07:07:42 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2021-05-15 07:07:42 ----A---- C:\WINDOWS\system32\NotificationController.dll
2021-05-15 07:07:42 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2021-05-15 07:07:42 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2021-05-15 07:07:42 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2021-05-15 07:07:42 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2021-05-15 07:07:41 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2021-05-15 07:07:41 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2021-05-15 07:07:40 ----A---- C:\WINDOWS\system32\ReAgent.dll
2021-05-15 07:07:39 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2021-05-15 07:07:39 ----A---- C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2021-05-15 07:07:38 ----A---- C:\WINDOWS\system32\Windows.Internal.CapturePicker.Desktop.dll
2021-05-15 07:07:38 ----A---- C:\WINDOWS\system32\usosvc.dll
2021-05-15 07:07:38 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2021-05-15 07:07:38 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2021-05-15 07:07:38 ----A---- C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2021-05-15 07:07:38 ----A---- C:\WINDOWS\system32\MoUsoCoreWorker.exe
2021-05-15 07:07:38 ----A---- C:\WINDOWS\system32\AppResolver.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\wc_storage.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\SHCore.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\daxexec.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\container.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\bindfltapi.dll
2021-05-15 07:07:36 ----A---- C:\WINDOWS\system32\win32u.dll
2021-05-15 07:07:36 ----A---- C:\WINDOWS\system32\win32kfull.sys
2021-05-15 07:07:36 ----A---- C:\WINDOWS\system32\win32k.sys
2021-05-15 07:07:35 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2021-05-15 07:07:35 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2021-05-15 07:07:35 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2021-05-15 07:07:34 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2021-05-15 07:07:34 ----A---- C:\WINDOWS\system32\BFE.DLL
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\wfapigp.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\SystemEventsBrokerClient.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\icfupgd.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\fwmdmcsp.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\fwbase.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2021-05-15 07:07:32 ----A---- C:\WINDOWS\system32\windows.storage.dll
2021-05-15 07:07:31 ----A---- C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2021-05-15 07:07:31 ----A---- C:\WINDOWS\system32\ISM.dll
2021-05-15 07:07:30 ----A---- C:\WINDOWS\system32\tsf3gip.dll
2021-05-15 07:07:30 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2021-05-15 07:07:29 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2021-05-15 07:07:29 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2021-05-15 07:07:29 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2021-05-15 07:07:29 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2021-05-15 07:07:28 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2021-05-15 07:07:28 ----A---- C:\WINDOWS\system32\InputService.dll
2021-05-15 07:07:27 ----A---- C:\WINDOWS\system32\win32kbase.sys
2021-05-15 07:07:27 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2021-05-15 07:07:27 ----A---- C:\WINDOWS\system32\dxgi.dll
2021-05-15 07:07:26 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2021-05-15 07:07:25 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2021-05-15 07:07:25 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2021-05-15 07:07:25 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2021-05-15 07:07:25 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2021-05-15 07:07:25 ----A---- C:\WINDOWS\system32\cdd.dll
2021-05-15 07:07:24 ----A---- C:\WINDOWS\system32\oemlicense.dll
2021-05-15 07:07:24 ----A---- C:\WINDOWS\system32\licensingdiag.exe
2021-05-15 07:07:23 ----A---- C:\WINDOWS\system32\mskeyprotect.dll
2021-05-15 07:07:23 ----A---- C:\WINDOWS\system32\Clipc.dll
2021-05-15 07:07:22 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2021-05-15 07:07:22 ----A---- C:\WINDOWS\system32\certcli.dll
2021-05-15 07:07:21 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2021-05-15 07:07:21 ----A---- C:\WINDOWS\system32\appinfo.dll
2021-05-15 07:07:18 ----A---- C:\WINDOWS\system32\GameInput.dll
2021-05-15 07:07:17 ----A---- C:\WINDOWS\system32\aadtb.dll
2021-05-15 07:07:17 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2021-05-15 07:07:16 ----A---- C:\WINDOWS\system32\aadauthhelper.dll
2021-05-15 07:07:14 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2021-05-15 07:07:14 ----A---- C:\WINDOWS\system32\vdsbas.dll
2021-05-15 07:07:14 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2021-05-15 07:07:14 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2021-05-15 07:07:13 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2021-05-15 07:07:13 ----A---- C:\WINDOWS\system32\diskpart.exe
2021-05-15 07:07:12 ----A---- C:\WINDOWS\system32\twinui.dll
2021-05-15 07:07:12 ----A---- C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-15 07:07:11 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2021-05-15 07:07:11 ----A---- C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2021-05-15 07:07:11 ----A---- C:\WINDOWS\system32\Windows.Internal.PlatformExtension.DevicePickerExperience.dll
2021-05-15 07:07:11 ----A---- C:\WINDOWS\system32\wfdprov.dll
2021-05-15 07:07:11 ----A---- C:\WINDOWS\system32\usbmon.dll
2021-05-15 07:07:11 ----A---- C:\WINDOWS\system32\StartTileData.dll
2021-05-15 07:07:11 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2021-05-15 07:07:10 ----A---- C:\WINDOWS\system32\wlansec.dll
2021-05-15 07:07:10 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2021-05-15 07:07:09 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2021-05-15 07:07:09 ----A---- C:\WINDOWS\system32\wlansvc.dll
2021-05-15 07:07:09 ----A---- C:\WINDOWS\system32\wlanapi.dll
2021-05-15 07:07:09 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2021-05-15 07:07:09 ----A---- C:\WINDOWS\system32\stobject.dll
2021-05-15 07:07:09 ----A---- C:\WINDOWS\system32\dsregtask.dll
2021-05-15 07:07:09 ----A---- C:\WINDOWS\explorer.exe
2021-05-15 07:07:08 ----A---- C:\WINDOWS\system32\Wpc.dll
2021-05-15 07:07:08 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2021-05-15 07:07:08 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2021-05-15 07:07:08 ----A---- C:\WINDOWS\system32\spoolsv.exe
2021-05-15 07:07:08 ----A---- C:\WINDOWS\system32\dsreg.dll
2021-05-15 07:07:08 ----A---- C:\WINDOWS\system32\cmifw.dll
2021-05-15 07:07:07 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2021-05-15 07:07:07 ----A---- C:\WINDOWS\system32\WpcMon.exe
2021-05-15 07:07:07 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2021-05-15 07:07:07 ----A---- C:\WINDOWS\system32\WpcApi.dll
2021-05-15 07:07:07 ----A---- C:\WINDOWS\system32\ApproveChildRequest.exe
2021-05-15 07:07:06 ----A---- C:\WINDOWS\system32\WpcTok.exe
2021-05-15 07:07:06 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2021-05-15 07:07:05 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2021-05-15 07:07:05 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2021-05-15 07:07:05 ----A---- C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-15 07:07:04 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2021-05-15 07:07:04 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2021-05-15 07:07:04 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2021-05-15 07:07:04 ----A---- C:\WINDOWS\system32\autopilot.dll
2021-05-15 07:07:04 ----A---- C:\WINDOWS\system32\agentactivationruntimewindows.dll
2021-05-15 07:07:04 ----A---- C:\WINDOWS\system32\agentactivationruntime.dll
2021-05-15 07:07:04 ----A---- C:\WINDOWS\system32\AarSvc.dll
2021-05-15 07:06:58 ----A---- C:\WINDOWS\system32\drivers\vmstorfl.sys
2021-05-15 07:06:58 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2021-05-15 07:06:58 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\storufs.sys
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\sbp2port.sys
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\BthMini.SYS
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2021-05-15 07:06:56 ----A---- C:\WINDOWS\system32\drivers\usbvideo.sys
2021-05-15 07:06:56 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2021-05-14 22:54:35 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2021-05-14 22:54:33 ----A---- C:\WINDOWS\system32\poqexec.exe
2021-05-03 21:45:27 ----N---- C:\WINDOWS\KMSEmulator.exe
2021-05-01 11:31:08 ----D---- C:\Users\jiriw\AppData\Roaming\GHISLER
2021-05-01 11:31:08 ----D---- C:\totalcmd
2021-04-22 16:40:42 ----D---- C:\Users\jiriw\AppData\Roaming\Geek Uninstaller
2021-04-22 16:30:44 ----D---- C:\AdwCleaner
2021-04-22 16:22:18 ----D---- C:\Program Files\CCleaner
2021-04-22 16:07:02 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-20 17:06:54 ----A---- C:\WINDOWS\SYSWOW64\WinFax.dll
2021-04-20 17:06:54 ----A---- C:\WINDOWS\SYSWOW64\FXSRESM.dll
2021-04-20 17:06:54 ----A---- C:\WINDOWS\SYSWOW64\FXSCOMEX.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\SYSWOW64\FXSCOM.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\system32\WinFax.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\system32\FXSTIFF.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\system32\FXST30.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\system32\FXSRESM.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\system32\FXSCOM.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2021-04-20 17:06:47 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2021-04-20 17:06:47 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2021-04-20 17:06:47 ----A---- C:\WINDOWS\system32\fveapibase.dll
2021-04-20 17:06:47 ----A---- C:\WINDOWS\system32\fveapi.dll
2021-04-20 17:06:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll
2021-04-20 17:06:45 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll
2021-04-20 17:06:21 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL
2021-04-20 17:06:21 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2021-04-20 17:06:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2021-04-20 17:06:20 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2021-04-20 17:06:20 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2021-04-20 17:06:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2021-04-20 17:06:19 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2021-04-20 17:06:19 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2021-04-20 17:06:18 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2021-04-20 17:06:15 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2021-04-20 17:06:15 ----A---- C:\WINDOWS\system32\winmde.dll
2021-04-20 17:06:14 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2021-04-20 17:06:14 ----A---- C:\WINDOWS\system32\mfsvr.dll
2021-04-20 17:06:14 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2021-04-20 17:06:14 ----A---- C:\WINDOWS\system32\mfds.dll
2021-04-20 17:06:13 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2021-04-20 17:06:13 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2021-04-20 17:06:13 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2021-04-20 17:06:12 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2021-04-20 17:06:11 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecsRaw.dll
2021-04-20 17:06:08 ----A---- C:\WINDOWS\system32\WindowsCodecsRaw.dll
2021-04-20 17:06:05 ----A---- C:\WINDOWS\SYSWOW64\opengl32.dll
2021-04-20 17:06:05 ----A---- C:\WINDOWS\SYSWOW64\msisip.dll
2021-04-20 17:06:05 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2021-04-20 17:06:05 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2021-04-20 17:05:55 ----A---- C:\WINDOWS\SYSWOW64\mstext40.dll
2021-04-20 17:05:55 ----A---- C:\WINDOWS\SYSWOW64\msoert2.dll
2021-04-20 17:05:55 ----A---- C:\WINDOWS\SYSWOW64\INETRES.dll
2021-04-20 17:05:55 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\wincredprovider.dll
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\gpresult.exe
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\dxdiagn.dll
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\dpapiprovider.dll
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\dimsroam.dll
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\cngprovider.dll
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\capiprovider.dll
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\adprovider.dll
2021-04-20 17:05:50 ----A---- C:\WINDOWS\SYSWOW64\cleanmgr.exe
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\icsvcext.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhtask.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhsvcctl.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhsvc.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhshl.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhmanagew.exe
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhlisten.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhcleanup.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhcfg.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2021-04-20 17:05:44 ----A---- C:\WINDOWS\system32\SIHClient.exe
2021-04-20 17:05:44 ----A---- C:\WINDOWS\system32\fhsrchph.dll
2021-04-20 17:05:44 ----A---- C:\WINDOWS\system32\fhsrchapi.dll
2021-04-20 17:05:44 ----A---- C:\WINDOWS\system32\fhevents.dll
2021-04-20 17:05:44 ----A---- C:\WINDOWS\system32\fhengine.dll
2021-04-20 17:05:44 ----A---- C:\WINDOWS\system32\fhcat.dll
2021-04-20 17:05:43 ----A---- C:\WINDOWS\system32\PktMonApi.dll
2021-04-20 17:05:43 ----A---- C:\WINDOWS\system32\PktMon.exe
2021-04-20 17:05:43 ----A---- C:\WINDOWS\system32\pcwutl.dll
2021-04-20 17:05:43 ----A---- C:\WINDOWS\system32\pcwrun.exe
2021-04-20 17:05:43 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2021-04-20 17:05:43 ----A---- C:\WINDOWS\system32\drivers\PktMon.sys
2021-04-20 17:05:42 ----A---- C:\WINDOWS\system32\rdpudd.dll
2021-04-20 17:05:42 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2021-04-20 17:05:42 ----A---- C:\WINDOWS\system32\certreq.exe
2021-04-20 17:05:41 ----A---- C:\WINDOWS\system32\opengl32.dll
2021-04-20 17:05:41 ----A---- C:\WINDOWS\system32\odbcconf.dll
2021-04-20 17:05:41 ----A---- C:\WINDOWS\system32\msisip.dll
2021-04-20 17:05:41 ----A---- C:\WINDOWS\system32\msimsg.dll
2021-04-20 17:05:41 ----A---- C:\WINDOWS\system32\msi.dll
2021-04-20 17:05:41 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2021-04-20 17:05:40 ----A---- C:\WINDOWS\system32\msoert2.dll
2021-04-20 17:05:40 ----A---- C:\WINDOWS\system32\INETRES.dll
2021-04-20 17:05:40 ----A---- C:\WINDOWS\system32\inetcomm.dll
2021-04-20 17:05:37 ----A---- C:\WINDOWS\system32\vbsapi.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\wincredprovider.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\StorSvc.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\gpresult.exe
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\dpapiprovider.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\dimsroam.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\cngprovider.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\capiprovider.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\adprovider.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\HelpPane.exe
2021-04-20 17:05:35 ----A---- C:\WINDOWS\system32\vmdevicehost.dll
2021-04-20 17:05:35 ----A---- C:\WINDOWS\system32\computestorage.dll
2021-04-20 17:05:35 ----A---- C:\WINDOWS\system32\computecore.dll
2021-04-20 17:05:32 ----A---- C:\WINDOWS\system32\securekernel.exe
2021-04-20 17:05:31 ----A---- C:\WINDOWS\system32\NgcIsoCtnr.dll
2021-04-20 17:05:25 ----A---- C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2021-04-20 17:05:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.FileExplorer.dll
2021-04-20 17:05:24 ----A---- C:\WINDOWS\SYSWOW64\twext.dll
2021-04-20 17:05:24 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2021-04-20 17:05:23 ----A---- C:\WINDOWS\SYSWOW64\joinutil.dll
2021-04-20 17:05:23 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2021-04-20 17:05:21 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2021-04-20 17:05:20 ----A---- C:\WINDOWS\SYSWOW64\pdh.dll
2021-04-20 17:05:20 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2021-04-20 17:05:20 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2021-04-20 17:05:20 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2021-04-20 17:05:20 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2021-04-20 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2021-04-20 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2021-04-20 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2021-04-20 17:05:18 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2021-04-20 17:05:18 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2021-04-20 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\MuiUnattend.exe
2021-04-20 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2021-04-20 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2021-04-20 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2021-04-20 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2021-04-20 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\credprovs.dll
2021-04-20 17:05:16 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2021-04-20 17:05:16 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2021-04-20 17:05:16 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2021-04-20 17:05:16 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2021-04-20 17:05:16 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2021-04-20 17:05:15 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2021-04-20 17:05:15 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2021-04-20 17:05:15 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2021-04-20 17:05:15 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2021-04-20 17:05:15 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2021-04-20 17:05:15 ----A---- C:\WINDOWS\SYSWOW64\cryptnet.dll
2021-04-20 17:05:14 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2021-04-20 17:05:14 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2021-04-20 17:05:14 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2021-04-20 17:05:14 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2021-04-20 17:05:14 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\winsku.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\winbrand.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\shimeng.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\pcaui.exe
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\DeviceFlows.DataModel.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\CredProvHelper.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\Apphlpdm.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\apphelp.dll
2021-04-20 17:05:12 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2021-04-20 17:05:12 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2021-04-20 17:05:11 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2021-04-20 17:05:11 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2021-04-20 17:05:11 ----A---- C:\WINDOWS\SYSWOW64\msxml6r.dll
2021-04-20 17:05:11 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2021-04-20 17:05:11 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2021-04-20 17:05:10 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2021-04-20 17:05:10 ----A---- C:\WINDOWS\SYSWOW64\dmxmlhelputils.dll
2021-04-20 17:05:10 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2021-04-20 17:05:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2021-04-20 17:05:09 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2021-04-20 17:05:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2021-04-20 17:05:08 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2021-04-20 17:05:08 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2021-04-20 17:05:08 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2021-04-20 17:05:08 ----A---- C:\WINDOWS\SYSWOW64\InputHost.dll
2021-04-20 17:05:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Display.DisplayEnhancementOverride.dll
2021-04-20 17:05:07 ----A---- C:\WINDOWS\SYSWOW64\LicenseManagerApi.dll
2021-04-20 17:05:06 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2021-04-20 17:05:06 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2021-04-20 17:05:06 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2021-04-20 17:05:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2021-04-20 17:05:05 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2021-04-20 17:05:04 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\WsmWmiPl.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\WsmRes.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\wsmprovhost.exe
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\wsmplpxy.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\WsmAuto.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\WSManMigrationPlugin.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\WSManHTTPConfig.exe
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\WsmAgent.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2021-04-20 17:05:02 ----A---- C:\WINDOWS\SYSWOW64\taskcomp.dll
2021-04-20 17:05:02 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2021-04-20 17:05:01 ----A---- C:\WINDOWS\SYSWOW64\TaskSchdPS.dll
2021-04-20 17:05:01 ----A---- C:\WINDOWS\SYSWOW64\sppcext.dll
2021-04-20 17:05:01 ----A---- C:\WINDOWS\SYSWOW64\schtasks.exe
2021-04-20 17:05:01 ----A---- C:\WINDOWS\SYSWOW64\onex.dll
2021-04-20 17:05:00 ----A---- C:\WINDOWS\SYSWOW64\tbs.dll
2021-04-20 17:04:59 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2021-04-20 17:04:50 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2021-04-20 17:04:50 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2021-04-20 17:04:50 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2021-04-20 17:04:50 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2021-04-20 17:04:49 ----A---- C:\WINDOWS\SYSWOW64\SpatialAudioLicenseSrv.exe
2021-04-20 17:04:49 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2021-04-20 17:04:49 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2021-04-20 17:04:49 ----A---- C:\WINDOWS\system32\spwizres.dll
2021-04-20 17:04:47 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2021-04-20 17:04:47 ----A---- C:\WINDOWS\system32\twext.dll
2021-04-20 17:04:46 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2021-04-20 17:04:46 ----A---- C:\WINDOWS\system32\rascustom.dll
2021-04-20 17:04:46 ----A---- C:\WINDOWS\system32\drvinst.exe
2021-04-20 17:04:46 ----A---- C:\WINDOWS\system32\comdlg32.dll
2021-04-20 17:04:45 ----A---- C:\WINDOWS\system32\npmproxy.dll
2021-04-20 17:04:45 ----A---- C:\WINDOWS\system32\nlmsprep.dll
2021-04-20 17:04:45 ----A---- C:\WINDOWS\system32\nlmproxy.dll
2021-04-20 17:04:45 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2021-04-20 17:04:45 ----A---- C:\WINDOWS\system32\netprofm.dll
2021-04-20 17:04:45 ----A---- C:\WINDOWS\system32\joinutil.dll
2021-04-20 17:04:43 ----A---- C:\WINDOWS\system32\WPTaskScheduler.dll
2021-04-20 17:04:43 ----A---- C:\WINDOWS\system32\TaskSchdPS.dll
2021-04-20 17:04:43 ----A---- C:\WINDOWS\system32\taskhostw.exe
2021-04-20 17:04:43 ----A---- C:\WINDOWS\system32\taskcomp.dll
2021-04-20 17:04:42 ----A---- C:\WINDOWS\system32\WUDFx02000.dll
2021-04-20 17:04:42 ----A---- C:\WINDOWS\system32\TabSvc.dll
2021-04-20 17:04:42 ----A---- C:\WINDOWS\system32\schtasks.exe
2021-04-20 17:04:42 ----A---- C:\WINDOWS\system32\ktmw32.dll
2021-04-20 17:04:42 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2021-04-20 17:04:41 ----A---- C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2021-04-20 17:04:41 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2021-04-20 17:04:41 ----A---- C:\WINDOWS\system32\gdi32full.dll
2021-04-20 17:04:40 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2021-04-20 17:04:40 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2021-04-20 17:04:40 ----A---- C:\WINDOWS\system32\pdh.dll
2021-04-20 17:04:40 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2021-04-20 17:04:40 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2021-04-20 17:04:40 ----A---- C:\WINDOWS\system32\d3d9.dll
2021-04-20 17:04:40 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2021-04-20 17:04:39 ----A---- C:\WINDOWS\system32\omadmclient.exe
2021-04-20 17:04:39 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2021-04-20 17:04:39 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2021-04-20 17:04:39 ----A---- C:\WINDOWS\system32\DMPushRouterCore.dll
2021-04-20 17:04:39 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2021-04-20 17:04:39 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2021-04-20 17:04:38 ----A---- C:\WINDOWS\system32\shutdownux.dll
2021-04-20 17:04:38 ----A---- C:\WINDOWS\system32\policymanager.dll
2021-04-20 17:04:38 ----A---- C:\WINDOWS\system32\MuiUnattend.exe
2021-04-20 17:04:38 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2021-04-20 17:04:38 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2021-04-20 17:04:38 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2021-04-20 17:04:38 ----A---- C:\WINDOWS\system32\credprovs.dll
2021-04-20 17:04:37 ----A---- C:\WINDOWS\system32\winlogon.exe
2021-04-20 17:04:37 ----A---- C:\WINDOWS\system32\usermgr.dll
2021-04-20 17:04:37 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2021-04-20 17:04:37 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2021-04-20 17:04:28 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2021-04-20 17:04:28 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2021-04-20 17:04:27 ----A---- C:\WINDOWS\system32\lpk.dll
2021-04-20 17:04:27 ----A---- C:\WINDOWS\system32\fontsub.dll
2021-04-20 17:04:27 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2021-04-20 17:04:27 ----A---- C:\WINDOWS\system32\dciman32.dll
2021-04-20 17:04:25 ----A---- C:\WINDOWS\system32\sechost.dll
2021-04-20 17:04:24 ----A---- C:\WINDOWS\system32\sspisrv.dll
2021-04-20 17:04:24 ----A---- C:\WINDOWS\system32\sspicli.dll
2021-04-20 17:04:24 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2021-04-20 17:04:24 ----A---- C:\WINDOWS\system32\lsass.exe
2021-04-20 17:04:24 ----A---- C:\WINDOWS\system32\drivers\WdfLdr.sys
2021-04-20 17:04:24 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2021-04-20 17:04:24 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2021-04-20 17:04:23 ----A---- C:\WINDOWS\system32\services.exe
2021-04-20 17:04:23 ----A---- C:\WINDOWS\system32\drivers\Wdf01000.sys
2021-04-20 17:04:20 ----A---- C:\WINDOWS\system32\wermgr.exe
2021-04-20 17:04:20 ----A---- C:\WINDOWS\system32\weretw.dll
2021-04-20 17:04:20 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2021-04-20 17:04:20 ----A---- C:\WINDOWS\system32\wer.dll
2021-04-20 17:04:18 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2021-04-20 17:04:18 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2021-04-20 17:04:17 ----A---- C:\WINDOWS\system32\lsasrv.dll
2021-04-20 17:04:16 ----A---- C:\WINDOWS\system32\winhttp.dll
2021-04-20 17:04:16 ----A---- C:\WINDOWS\system32\webio.dll
2021-04-20 17:04:16 ----A---- C:\WINDOWS\system32\pacjsworker.exe
2021-04-20 17:04:15 ----A---- C:\WINDOWS\system32\tzres.dll
2021-04-20 17:04:15 ----A---- C:\WINDOWS\system32\samsrv.dll
2021-04-20 17:04:15 ----A---- C:\WINDOWS\system32\samlib.dll
2021-04-20 17:04:15 ----A---- C:\WINDOWS\system32\profsvc.dll
2021-04-20 17:04:15 ----A---- C:\WINDOWS\system32\offlinesam.dll
2021-04-20 17:04:14 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2021-04-20 17:04:14 ----A---- C:\WINDOWS\system32\dcntel.dll
2021-04-20 17:04:13 ----A---- C:\WINDOWS\system32\rpcss.dll
2021-04-20 17:04:13 ----A---- C:\WINDOWS\system32\cryptnet.dll
2021-04-20 17:04:12 ----A---- C:\WINDOWS\system32\WinTypes.dll
2021-04-20 17:04:12 ----A---- C:\WINDOWS\system32\wincorlib.dll
2021-04-20 17:04:11 ----A---- C:\WINDOWS\system32\combase.dll
2021-04-20 17:04:11 ----A---- C:\WINDOWS\system32\aepic.dll
2021-04-20 17:04:10 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2021-04-20 17:04:09 ----A---- C:\WINDOWS\system32\dnsapi.dll
2021-04-20 17:04:07 ----A---- C:\WINDOWS\system32\dcomp.dll
2021-04-20 17:04:06 ----A---- C:\WINDOWS\system32\winsku.dll
2021-04-20 17:04:06 ----A---- C:\WINDOWS\system32\uDWM.dll
2021-04-20 17:04:05 ----A---- C:\WINDOWS\system32\winbrand.dll
2021-04-20 17:04:05 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2021-04-20 17:04:04 ----A---- C:\WINDOWS\system32\winload.exe
2021-04-20 17:04:04 ----A---- C:\WINDOWS\system32\cxcredprov.dll
2021-04-20 17:04:03 ----A---- C:\WINDOWS\system32\CredProvHelper.dll
2021-04-20 17:04:03 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2021-04-20 17:04:03 ----A---- C:\WINDOWS\system32\cflapi.dll
2021-04-20 17:04:03 ----A---- C:\WINDOWS\system32\appidsvc.dll
2021-04-20 17:04:03 ----A---- C:\WINDOWS\system32\appidpolicyconverter.exe
2021-04-20 17:04:03 ----A---- C:\WINDOWS\system32\appidcertstorecheck.exe
2021-04-20 17:04:03 ----A---- C:\WINDOWS\system32\appidapi.dll
2021-04-20 17:04:02 ----A---- C:\WINDOWS\system32\shimeng.dll
2021-04-20 17:04:02 ----A---- C:\WINDOWS\system32\sdbinst.exe
2021-04-20 17:04:02 ----A---- C:\WINDOWS\system32\generaltel.dll
2021-04-20 17:04:02 ----A---- C:\WINDOWS\system32\apphelp.dll
2021-04-20 17:04:01 ----A---- C:\WINDOWS\system32\pcaevts.dll
2021-04-20 17:04:01 ----A---- C:\WINDOWS\system32\devinv.dll
2021-04-20 17:04:00 ----A---- C:\WINDOWS\system32\pcalua.exe
2021-04-20 17:04:00 ----A---- C:\WINDOWS\system32\pcadm.dll
2021-04-20 17:03:59 ----A---- C:\WINDOWS\system32\pcaui.exe
2021-04-20 17:03:59 ----A---- C:\WINDOWS\system32\pcasvc.dll
2021-04-20 17:03:59 ----A---- C:\WINDOWS\system32\Apphlpdm.dll
2021-04-20 17:03:58 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2021-04-20 17:03:58 ----A---- C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2021-04-20 17:03:58 ----A---- C:\WINDOWS\system32\aitstatic.exe
2021-04-20 17:03:52 ----A---- C:\WINDOWS\system32\WsmRes.dll
2021-04-20 17:03:52 ----A---- C:\WINDOWS\system32\wsmprovhost.exe
2021-04-20 17:03:52 ----A---- C:\WINDOWS\system32\wsmplpxy.dll
2021-04-20 17:03:52 ----A---- C:\WINDOWS\system32\WSManMigrationPlugin.dll
2021-04-20 17:03:52 ----A---- C:\WINDOWS\system32\WSManHTTPConfig.exe
2021-04-20 17:03:52 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2021-04-20 17:03:51 ----A---- C:\WINDOWS\system32\WsmWmiPl.dll
2021-04-20 17:03:51 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2021-04-20 17:03:51 ----A---- C:\WINDOWS\system32\WsmAuto.dll
2021-04-20 17:03:51 ----A---- C:\WINDOWS\system32\WsmAgent.dll
2021-04-20 17:03:45 ----A---- C:\WINDOWS\system32\wups2.dll
2021-04-20 17:03:45 ----A---- C:\WINDOWS\system32\wuauclt.exe
2021-04-20 17:03:45 ----A---- C:\WINDOWS\system32\virtdisk.dll
2021-04-20 17:03:45 ----A---- C:\WINDOWS\system32\convertvhd.exe
2021-04-20 17:03:44 ----A---- C:\WINDOWS\system32\wups.dll
2021-04-20 17:03:44 ----A---- C:\WINDOWS\system32\wuaueng.dll
2021-04-20 17:03:44 ----A---- C:\WINDOWS\system32\wuapi.dll
2021-04-20 17:03:44 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2021-04-20 17:03:44 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2021-04-20 17:03:44 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2021-04-20 17:03:43 ----A---- C:\WINDOWS\system32\UsoClient.exe
2021-04-20 17:03:43 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2021-04-20 17:03:43 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2021-04-20 17:03:43 ----A---- C:\WINDOWS\system32\MusNotification.exe
2021-04-20 17:03:42 ----A---- C:\WINDOWS\system32\usoapi.dll
2021-04-20 17:03:41 ----A---- C:\WINDOWS\system32\wcimage.dll
2021-04-20 17:03:41 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2021-04-20 17:03:41 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2021-04-20 17:03:41 ----A---- C:\WINDOWS\system32\drivers\condrv.sys
2021-04-20 17:03:40 ----A---- C:\WINDOWS\system32\user32.dll
2021-04-20 17:03:40 ----A---- C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-20 17:03:39 ----A---- C:\WINDOWS\system32\wpnapps.dll
2021-04-20 17:03:39 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2021-04-20 17:03:39 ----A---- C:\WINDOWS\system32\drivers\CEA.sys
2021-04-20 17:03:38 ----A---- C:\WINDOWS\system32\EventAggregation.dll
2021-04-20 17:03:38 ----A---- C:\WINDOWS\system32\BrokerLib.dll
2021-04-20 17:03:37 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2021-04-20 17:03:36 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2021-04-20 17:03:36 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2021-04-20 17:03:36 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2021-04-20 17:03:36 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2021-04-20 17:03:36 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2021-04-20 17:03:35 ----A---- C:\WINDOWS\system32\LicenseManagerApi.dll
2021-04-20 17:03:35 ----A---- C:\WINDOWS\system32\InstallService.dll
2021-04-20 17:03:35 ----A---- C:\WINDOWS\system32\InputHost.dll
2021-04-20 17:03:33 ----A---- C:\WINDOWS\system32\Windows.Graphics.Display.DisplayEnhancementOverride.dll
2021-04-20 17:03:33 ----A---- C:\WINDOWS\system32\directxdatabaseupdater.exe
2021-04-20 17:03:32 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2021-04-20 17:03:32 ----A---- C:\WINDOWS\system32\dxgiadaptercache.exe
2021-04-20 17:03:31 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2021-04-20 17:03:28 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2021-04-20 17:03:28 ----A---- C:\WINDOWS\system32\msxml6r.dll
2021-04-20 17:03:28 ----A---- C:\WINDOWS\system32\msxml6.dll
2021-04-20 17:03:27 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2021-04-20 17:03:27 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2021-04-20 17:03:27 ----A---- C:\WINDOWS\system32\cryptngc.dll
2021-04-20 17:03:26 ----A---- C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2021-04-20 17:03:26 ----A---- C:\WINDOWS\system32\drivers\watchdog.sys
2021-04-20 17:03:26 ----A---- C:\WINDOWS\system32\dmxmlhelputils.dll
2021-04-20 17:03:25 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2021-04-20 17:03:22 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2021-04-20 17:03:22 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2021-04-20 17:03:21 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2021-04-20 17:03:21 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2021-04-20 17:03:21 ----A---- C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2021-04-20 17:03:21 ----A---- C:\WINDOWS\system32\cloudAP.dll
2021-04-20 17:03:20 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2021-04-20 17:03:20 ----A---- C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2021-04-20 17:03:19 ----A---- C:\WINDOWS\system32\authui.dll
2021-04-20 17:03:18 ----A---- C:\WINDOWS\system32\kernel32.dll
2021-04-20 17:03:17 ----A---- C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2021-04-20 17:03:17 ----A---- C:\WINDOWS\system32\lsm.dll
2021-04-20 17:03:16 ----A---- C:\WINDOWS\system32\onex.dll
2021-04-20 17:03:16 ----A---- C:\WINDOWS\system32\LicensingCSP.dll
2021-04-20 17:03:11 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2021-04-20 17:03:11 ----A---- C:\WINDOWS\system32\tbs.dll
2021-04-20 17:03:11 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2021-04-20 17:03:11 ----A---- C:\WINDOWS\system32\drivers\tbs.sys
2021-04-20 17:03:10 ----A---- C:\WINDOWS\system32\wmicmiplugin.dll
2021-04-20 17:03:08 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2021-04-20 17:03:08 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2021-04-20 17:03:08 ----A---- C:\WINDOWS\system32\drivers\fsdepends.sys
2021-04-20 17:03:08 ----A---- C:\WINDOWS\system32\drivers\cmimcext.sys
2021-04-20 17:03:08 ----A---- C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2021-04-20 17:03:08 ----A---- C:\WINDOWS\system32\AudioSes.dll
2021-04-20 17:03:08 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2021-04-20 17:03:07 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2021-04-20 17:03:07 ----A---- C:\WINDOWS\system32\audiosrv.dll
2021-04-20 17:03:07 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2021-04-20 17:03:07 ----A---- C:\WINDOWS\system32\AudioEng.dll
2021-04-20 17:03:07 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2021-04-20 17:03:07 ----A---- C:\WINDOWS\system32\audiodg.exe
2021-04-20 17:03:06 ----A---- C:\WINDOWS\system32\Windows.Internal.System.UserProfile.dll
2021-04-20 17:03:06 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2021-04-20 17:03:05 ----A---- C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2021-04-20 17:03:03 ----A---- C:\WINDOWS\system32\drivers\Synth3dVsc.sys
2021-04-20 17:03:03 ----A---- C:\WINDOWS\system32\drivers\RfxVmt.sys
2021-04-20 17:03:03 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2021-04-20 17:03:01 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2021-04-20 17:03:01 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2021-04-20 17:03:01 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2021-04-20 17:03:01 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\storahci.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\pciidex.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\pciide.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\intelide.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\ataport.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\atapi.sys
2021-04-20 17:02:58 ----A---- C:\WINDOWS\system32\drivers\BthA2dp.sys
======List of files/folders modified in the last 1 month======
2021-05-15 19:31:30 ----D---- C:\Program Files
2021-05-15 19:26:49 ----D---- C:\WINDOWS\Temp
2021-05-15 19:26:25 ----D---- C:\WINDOWS\INF
2021-05-15 19:26:20 ----D---- C:\WINDOWS\Prefetch
2021-05-15 19:22:04 ----D---- C:\WINDOWS\system32\config
2021-05-15 19:19:53 ----D---- C:\WINDOWS\debug
2021-05-15 19:19:53 ----D---- C:\Windows
2021-05-15 19:18:40 ----D---- C:\WINDOWS\system32\sru
2021-05-15 19:17:58 ----D---- C:\WINDOWS\system32\SleepStudy
2021-05-15 11:40:27 ----D---- C:\WINDOWS\AppReadiness
2021-05-15 11:40:19 ----D---- C:\WINDOWS\System32
2021-05-15 11:40:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-15 11:33:00 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2021-05-15 11:32:24 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2021-05-15 11:32:14 ----D---- C:\WINDOWS\system32\Tasks
2021-05-15 11:31:54 ----D---- C:\WINDOWS\system32\drivers
2021-05-15 11:31:29 ----ASH---- C:\DumpStack.log.tmp
2021-05-15 10:47:21 ----D---- C:\WINDOWS\WinSxS
2021-05-15 10:42:11 ----D---- C:\WINDOWS\system32\DriverStore
2021-05-15 10:39:30 ----D---- C:\WINDOWS\system32\catroot2
2021-05-15 10:38:01 ----D---- C:\WINDOWS\SYSWOW64\WinMetadata
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\wbem
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\setup
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\oobe
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\migration
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\Dism
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SysWOW64
2021-05-15 10:37:54 ----D---- C:\WINDOWS\SystemResources
2021-05-15 10:37:50 ----D---- C:\WINDOWS\system32\WinMetadata
2021-05-15 10:37:49 ----D---- C:\WINDOWS\system32\wbem
2021-05-15 10:37:49 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2021-05-15 10:37:49 ----D---- C:\WINDOWS\system32\setup
2021-05-15 10:37:49 ----D---- C:\WINDOWS\system32\OpenSSH
2021-05-15 10:37:49 ----D---- C:\WINDOWS\system32\oobe
2021-05-15 10:37:49 ----D---- C:\WINDOWS\system32\migration
2021-05-15 10:37:49 ----D---- C:\WINDOWS\system32\lt-LT
2021-05-15 10:37:48 ----D---- C:\WINDOWS\system32\en-US
2021-05-15 10:37:48 ----D---- C:\WINDOWS\system32\en-GB
2021-05-15 10:37:48 ----D---- C:\WINDOWS\system32\drivers\en-GB
2021-05-15 10:37:48 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2021-05-15 10:37:48 ----D---- C:\WINDOWS\system32\Dism
2021-05-15 10:37:48 ----D---- C:\WINDOWS\system32\cs-CZ
2021-05-15 10:37:48 ----D---- C:\WINDOWS\system32\Boot
2021-05-15 10:37:35 ----RD---- C:\WINDOWS\PrintDialog
2021-05-15 10:37:35 ----D---- C:\WINDOWS\Provisioning
2021-05-15 10:37:35 ----D---- C:\WINDOWS\PolicyDefinitions
2021-05-15 10:37:34 ----D---- C:\WINDOWS\en-GB
2021-05-15 10:37:34 ----D---- C:\WINDOWS\DiagTrack
2021-05-15 10:37:34 ----D---- C:\WINDOWS\cs-CZ
2021-05-15 10:37:34 ----D---- C:\WINDOWS\bcastdvr
2021-05-15 10:37:34 ----D---- C:\WINDOWS\apppatch
2021-05-15 10:37:04 ----D---- C:\WINDOWS\system32\drivers\UMDF
2021-05-15 07:59:36 ----RD---- C:\WINDOWS\Microsoft.NET
2021-05-15 07:45:52 ----D---- C:\WINDOWS\CbsTemp
2021-05-15 07:41:42 ----A---- C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-15 07:38:49 ----SHD---- C:\WINDOWS\Installer
2021-05-15 07:38:48 ----SHD---- C:\Config.Msi
2021-05-15 06:40:47 ----SHD---- C:\System Volume Information
2021-05-14 23:13:45 ----HD---- C:\Program Files\WindowsApps
2021-05-14 22:52:34 ----D---- C:\WINDOWS\system32\MRT
2021-05-14 16:31:12 ----AC---- C:\WINDOWS\system32\MRT.exe
2021-05-11 21:27:01 ----D---- C:\WINDOWS\SoftwareDistribution
2021-05-07 02:56:50 ----D---- C:\KMPlayer
2021-05-03 21:45:30 ----A---- C:\WINDOWS\AutoKMS.ini
2021-05-01 09:49:43 ----D---- C:\WINDOWS\system32\Logs
2021-05-01 09:49:42 ----D---- C:\Program Files\Microsoft Update Health Tools
2021-04-23 21:17:32 ----D---- C:\ProgramData\Microsoft Help
2021-04-22 16:54:40 ----D---- C:\Users\jiriw\AppData\Roaming\Wise Disk Cleaner
2021-04-22 16:50:59 ----D---- C:\Program Files (x86)\TeamViewer
2021-04-22 16:50:57 ----RSD---- C:\WINDOWS\Fonts
2021-04-22 16:47:32 ----HD---- C:\ProgramData
2021-04-22 16:35:06 ----D---- C:\ProgramData\HP
2021-04-22 16:34:29 ----HD---- C:\hp
2021-04-22 16:34:29 ----D---- C:\Program Files (x86)\HP
2021-04-22 16:34:28 ----D---- C:\WINDOWS\system32\HP
2021-04-22 16:34:26 ----D---- C:\Users\jiriw\AppData\Roaming\Hewlett-Packard
2021-04-22 16:34:26 ----D---- C:\ProgramData\Hewlett-Packard
2021-04-22 16:08:45 ----D---- C:\WINDOWS\system32\WDI
2021-04-22 16:00:20 ----D---- C:\Program Files (x86)\Wise
2021-04-21 16:59:36 ----RD---- C:\WINDOWS\assembly
2021-04-21 16:52:04 ----D---- C:\WINDOWS\system32\CatRoot
2021-04-21 16:50:29 ----SD---- C:\WINDOWS\system32\DiagSvcs
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\zh-TW
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\zh-CN
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\uk-UA
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\tr-TR
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\th-TH
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\sv-SE
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\sl-SI
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\sk-SK
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\ru-RU
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\ro-RO
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\pt-PT
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\pt-BR
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\pl-PL
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\nl-NL
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\nb-NO
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\lv-LV
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\ko-KR
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\ja-jp
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\it-IT
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\hu-HU
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\hr-HR
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\he-IL
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\fr-FR
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\fr-CA
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\fi-FI
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\et-EE
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\es-MX
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\es-ES
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\el-GR
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\drivers\en-US
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\de-DE
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\da-DK
2021-04-21 16:50:28 ----D---- C:\WINDOWS\system32\bg-BG
2021-04-21 16:50:28 ----D---- C:\WINDOWS\system32\ar-SA
2021-04-20 17:03:02 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2021-04-20 15:17:53 ----D---- C:\WINDOWS\Logs
2021-04-18 15:54:58 ----D---- C:\WINDOWS\system32\drivers\wd
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdpsp;@oem28.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\System32\drivers\amdpsp.sys [2019-06-27 138064]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-12-07 57360]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-09-28 41984]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2021-03-18 91136]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 NNSDNS;NNSDNS; C:\WINDOWS\system32\DRIVERS\NNSDNS.sys [2020-12-02 141088]
R1 NNSHTTP;NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [2020-12-02 212768]
R1 NNSHTTPS;NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [2020-12-02 125728]
R1 NNSIDS;NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [2020-12-02 132384]
R1 NNSNAHSL;NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [2020-11-23 111296]
R1 NNSPICC;NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [2020-12-02 152864]
R1 NNSPIHSW;NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [2020-12-02 102688]
R1 NNSPOP3;NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [2020-12-02 135456]
R1 NNSPROT;NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [2020-12-02 347424]
R1 NNSPRV;NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [2020-12-10 353592]
R1 NNSSMTP;NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [2020-12-02 123168]
R1 NNSSTRM;NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [2020-12-02 327968]
R1 PSINKNC;PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [2020-12-02 216864]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2021-05-15 148816]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2021-05-15 495616]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2020-10-28 53248]
R2 PSINAflt;PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [2020-12-02 195872]
R2 PSINFile;PSINFile; C:\WINDOWS\system32\DRIVERS\PSINFile.sys [2020-12-27 171296]
R2 PSINProc;PSINProc; C:\WINDOWS\system32\DRIVERS\PSINProc.sys [2020-12-27 148768]
R2 PSINProt;PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [2020-12-02 160544]
R2 PSINReg;PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [2020-12-02 130336]
R3 aftap0901;@oem52.inf,%DeviceDescription%;AnchorFree TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\aftap0901.sys [2017-11-16 48624]
R3 AmdAS4;@oem11.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\WINDOWS\System32\drivers\AmdAS4.sys [2019-05-10 35848]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0342174.inf_amd64_8d1532c19168217b\B342118\atikmdag.sys [2019-05-10 53511472]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0342174.inf_amd64_8d1532c19168217b\B342118\atikmpag.sys [2019-05-10 592176]
R3 AtiHDAudioService;@oem29.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2019-05-10 108152]
R3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2021-04-20 284672]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2021-05-15 113664]
R3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2019-12-07 65536]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2020-09-28 106496]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-12-07 133632]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2021-05-15 1560064]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2021-05-15 110592]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
R3 HPCustomCapDriver;@oem34.inf,%HPCustomCapDriverDesc%;HP Application Driver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [2019-04-18 25024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2020-04-24 7328856]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2020-09-28 322376]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
R3 rt640x64;@oem23.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2019-03-28 1137928]
R3 RtkBtFilter;@oem15.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [2019-11-30 787232]
R3 RTWlanE;@oem2.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2019-12-04 11722328]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 psinelam;psinelam; C:\WINDOWS\system32\DRIVERS\psinelam.sys [2020-07-10 21432]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-12-07 158736]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2020-10-28 18432]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2021-05-15 45568]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2021-05-15 95056]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2020-10-28 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2020-09-28 386048]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 MpKsl4cc06120;MpKsl4cc06120; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38D8FB3F-87FD-43E2-9331-3932A9C701A7}\MpKslDrv.sys [2021-04-20 97528]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2021-02-15 207360]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2021-04-20 129872]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 PSKMAD;PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [2019-02-20 72984]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-07 990008]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 RTSUER;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2019-03-26 442664]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-01-25 169672]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0342174.inf_amd64_8d1532c19168217b\B342118\atiesrxx.exe [2019-05-10 506672]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R2 CDPUserSvc_67973;Uživatelská služba platformy připojených zařízení_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
R2 HPAppHelperCap;@oem50.inf,%ServiceAppHelperDesc%;HP App Helper HSA Service; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\AppHelperCap.exe [2021-03-24 731152]
R2 HPDiagsCap;@oem50.inf,%ServiceDiagsDesc%;HP Diagnostics HSA Service; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\DiagsCap.exe [2021-03-24 728608]
R2 HPNetworkCap;@oem50.inf,%ServiceNetworkDesc%;HP Network HSA Service; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\NetworkCap.exe [2021-03-24 728608]
R2 HPSysInfoCap;@oem50.inf,%ServiceSysInfoDesc%;HP System Info HSA Service; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\SysInfoCap.exe [2021-03-24 729608]
R2 HpTouchpointAnalyticsService;@oem51.inf,%hpanalyticscomp%;HP Analytics service; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointAnalyticsClientService.exe [2021-03-17 480280]
R2 NanoServiceMain;Panda Cloud Antivirus Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2020-12-01 98896]
R2 OneSyncSvc_67973;Hostitel synchronizace_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R2 PandaAgent;Panda Devices Agent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2019-02-19 84176]
R2 pselamsvc;Panda Elam Service Protection; C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe [2020-07-09 189288]
R2 PSUAService;Panda Product Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2020-12-02 59440]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2020-04-24 269840]
R2 RtkBtManServ;@oem15.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service; C:\WINDOWS\RtkBtManServ.exe [2019-11-30 738712]
R3 BluetoothUserService_67973;Služba pro podporu uživatelů Bluetooth_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 cbdhsvc_67973;Uživatelská služba schránky_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 PimIndexMaintenanceSvc_67973;Data kontaktů_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-10-29 213392]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-05-01 156104]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 AarSvc_67973;Agent Activation Runtime_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-12-07 55664]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 BcastDVRUserService_67973;Uživatelská služba pro GameDVR a vysílání her_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 CaptureService_67973;CaptureService_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 ConsentUxUserSvc_67973;ConsentUX_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-03-18 388888]
S3 CredentialEnrollmentManagerUserSvc_67973;CredentialEnrollmentManagerUserSvc_67973; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-03-18 388888]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 DeviceAssociationBrokerSvc_67973;DeviceAssociationBroker_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 DevicePickerUserSvc_67973;DevicePicker_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 DevicesFlowUserSvc_67973;Tok zařízení_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2021-04-20 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-10-29 213392]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\elevation_service.exe [2021-05-08 1498216]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-05-01 156104]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 MessagingService_67973;Služba zasílání zpráv_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.62\elevation_service.exe [2021-05-13 1567616]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 161472]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Panda VPN Service;Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [2017-11-20 320848]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-01-18 106496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 PrintWorkflowUserSvc_67973;PrintWorkflow_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
-----------------EOF-----------------
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem50.inf,%ServiceAppHelperDesc%;HP App Helper HSA Service (HPAppHelperCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\AppHelperCap.exe
O23 - Service: @oem50.inf,%ServiceDiagsDesc%;HP Diagnostics HSA Service (HPDiagsCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\DiagsCap.exe
O23 - Service: @oem50.inf,%ServiceNetworkDesc%;HP Network HSA Service (HPNetworkCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\NetworkCap.exe
O23 - Service: @oem50.inf,%ServiceSysInfoDesc%;HP System Info HSA Service (HPSysInfoCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\SysInfoCap.exe
O23 - Service: @oem51.inf,%hpanalyticscomp%;HP Analytics service (HpTouchpointAnalyticsService) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointAnalyticsClientService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Panda VPN Service - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Panda Elam Service Protection (pselamsvc) - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @oem15.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\WINDOWS\RtkBtManServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @oem4.inf,%SynTPEnhService.SVCDESC%;SynTPEnhService (SynTPEnhService) - Unknown owner - C:\WINDOWS\System32\SynTPEnhService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11065 bytes
======Listing Processes======
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s bthserv
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\AppHelperCap.exe
C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\DiagsCap.exe
C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\NetworkCap.exe
C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\SysInfoCap.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointAnalyticsClientService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\System32\SynTPEnhService.exe
C:\WINDOWS\System32\DriverStore\FileRepository\c0342174.inf_amd64_8d1532c19168217b\B342118\atiesrxx.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
atieclxx
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\WLANExt.exe 2626287397760
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe"
"C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\RtkBtManServ.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k netsvcs
sihost.exe
"C:\WINDOWS\System32\SynTPEnh.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k BthAppGroup -p -s BluetoothUserService
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
schtasks /change /TN "AMDLinkUpdate" /TR "\"C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe\" -AMDLinkUpdate"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe"
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21042.95.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe"
"C:\Program Files\AMD\CNext\CNext\amdow.exe" 4808
"C:\Users\jiriw\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\rundll32.exe" -localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe" -ServerName:microsoft.windowslive.mail.AppXfbjsbkxvprcgqg6q4c9jfr0pn3kv9x5s.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
dashost.exe {3f3f6be5-ff56-445e-be710ea4d27b2028}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\WINDOWS\system32\AUDIODG.EXE 0x4f0
"C:\WINDOWS\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\BridgeCommunication.exe" 5d8ee695-2684-4d45-883d-71e80c19f021 Global\2aba4625-c70b-4358-947d-403cbe29ff83 1612
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\jiriw\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\jiriw\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=90.0.4430.212 --initial-client-data=0xf0,0xf4,0xf8,0xc8,0xfc,0x7ffadd5a2920,0x7ffadd5a2930,0x7ffadd5a2940
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1716 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=1984 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=2408 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=6468 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4268 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
C:\WINDOWS\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8976 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1704,4573090783759700482,14513147867818378507,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 800 804 812 8192 808 784
"C:\Users\jiriw\Downloads\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.62\BHO\ie_to_edge_bho_64.dll [2021-05-13 550792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.62\BHO\ie_to_edge_bho.dll [2021-05-13 409984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2020-04-24 11235928]
"RtlS5Wake"=C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2018-04-18 2097600]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\jiriw\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-03-22 1579368]
"com.squirrel.Teams.Teams"=C:\Users\jiriw\AppData\Local\Microsoft\Teams\Update.exe [2021-04-18 2453728]
"f.lux"=C:\Users\jiriw\AppData\Local\FluxSoftware\Flux\flux.exe [2021-02-04 1511824]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2021-04-22 33698888]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"PSUAMain"=C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [2020-12-02 168456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NanoServiceMain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSUAService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"MaxGPOScriptWait"=600
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2021-05-15 19:31:30 ----D---- C:\Program Files\trend micro
2021-05-15 19:31:29 ----D---- C:\rsit
2021-05-15 07:09:59 ----A---- C:\WINDOWS\system32\wbadmin.exe
2021-05-15 07:09:59 ----A---- C:\WINDOWS\system32\msrahc.dll
2021-05-15 07:09:54 ----A---- C:\WINDOWS\system32\WalletService.dll
2021-05-15 07:09:49 ----A---- C:\WINDOWS\SYSWOW64\quickassist.exe
2021-05-15 07:09:49 ----A---- C:\WINDOWS\system32\quickassist.exe
2021-05-15 07:09:48 ----A---- C:\WINDOWS\system32\libcrypto.dll
2021-05-15 07:09:32 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2021-05-15 07:09:32 ----A---- C:\WINDOWS\SYSWOW64\mfh264enc.dll
2021-05-15 07:09:32 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2021-05-15 07:09:31 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2021-05-15 07:09:31 ----A---- C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2021-05-15 07:09:31 ----A---- C:\WINDOWS\system32\HoloSI.PCShell.dll
2021-05-15 07:09:31 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2021-05-15 07:09:28 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2021-05-15 07:09:27 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2021-05-15 07:09:26 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2021-05-15 07:09:26 ----A---- C:\WINDOWS\system32\mfps.dll
2021-05-15 07:09:26 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2021-05-15 07:09:26 ----A---- C:\WINDOWS\system32\mfh264enc.dll
2021-05-15 07:09:26 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2021-05-15 07:09:25 ----A---- C:\WINDOWS\system32\mfcore.dll
2021-05-15 07:09:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2021-05-15 07:09:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2021-05-15 07:09:23 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2021-05-15 07:09:23 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2021-05-15 07:09:23 ----A---- C:\WINDOWS\SYSWOW64\remotepg.dll
2021-05-15 07:09:23 ----A---- C:\WINDOWS\SYSWOW64\rdvvmtransport.dll
2021-05-15 07:09:23 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2021-05-15 07:09:22 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2021-05-15 07:09:22 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2021-05-15 07:09:22 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2021-05-15 07:09:22 ----A---- C:\WINDOWS\SYSWOW64\FrameServerClient.dll
2021-05-15 07:09:21 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2021-05-15 07:09:21 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2021-05-15 07:09:21 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2021-05-15 07:09:21 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2021-05-15 07:09:21 ----A---- C:\WINDOWS\SYSWOW64\CheckNetIsolation.exe
2021-05-15 07:09:21 ----A---- C:\WINDOWS\SYSWOW64\fwcfg.dll
2021-05-15 07:09:21 ----A---- C:\WINDOWS\SYSWOW64\authfwcfg.dll
2021-05-15 07:09:20 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2021-05-15 07:09:20 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2021-05-15 07:09:20 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2021-05-15 07:09:18 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2021-05-15 07:09:18 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2021-05-15 07:09:17 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2021-05-15 07:09:15 ----A---- C:\WINDOWS\SYSWOW64\smphost.dll
2021-05-15 07:09:15 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2021-05-15 07:09:15 ----A---- C:\WINDOWS\SYSWOW64\nshhttp.dll
2021-05-15 07:09:15 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2021-05-15 07:09:15 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2021-05-15 07:09:15 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2021-05-15 07:09:15 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2021-05-15 07:09:14 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2021-05-15 07:09:12 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2021-05-15 07:09:12 ----A---- C:\WINDOWS\system32\Spectrum.exe
2021-05-15 07:09:12 ----A---- C:\WINDOWS\system32\dsregcmd.exe
2021-05-15 07:09:11 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2021-05-15 07:09:11 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2021-05-15 07:09:11 ----A---- C:\WINDOWS\system32\rdvvmtransport.dll
2021-05-15 07:09:10 ----A---- C:\WINDOWS\system32\tsgqec.dll
2021-05-15 07:09:10 ----A---- C:\WINDOWS\system32\termsrv.dll
2021-05-15 07:09:10 ----A---- C:\WINDOWS\system32\SessEnv.dll
2021-05-15 07:09:10 ----A---- C:\WINDOWS\system32\remotepg.dll
2021-05-15 07:09:10 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\wsp_health.dll
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\mstscax.dll
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\FsIso.exe
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\FrameServerClient.dll
2021-05-15 07:09:09 ----A---- C:\WINDOWS\system32\FrameServer.dll
2021-05-15 07:09:08 ----A---- C:\WINDOWS\system32\reseteng.dll
2021-05-15 07:09:08 ----A---- C:\WINDOWS\system32\nshwfp.dll
2021-05-15 07:09:08 ----A---- C:\WINDOWS\system32\CheckNetIsolation.exe
2021-05-15 07:09:08 ----A---- C:\WINDOWS\system32\fwcfg.dll
2021-05-15 07:09:08 ----A---- C:\WINDOWS\system32\authfwcfg.dll
2021-05-15 07:09:07 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2021-05-15 07:09:07 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2021-05-15 07:09:06 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2021-05-15 07:09:06 ----A---- C:\WINDOWS\system32\ieframe.dll
2021-05-15 07:09:05 ----A---- C:\WINDOWS\system32\jscript9.dll
2021-05-15 07:09:04 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2021-05-15 07:09:04 ----A---- C:\WINDOWS\system32\Chakra.dll
2021-05-15 07:09:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2021-05-15 07:09:01 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2021-05-15 07:09:01 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2021-05-15 07:08:58 ----A---- C:\WINDOWS\system32\smphost.dll
2021-05-15 07:08:58 ----A---- C:\WINDOWS\system32\nshhttp.dll
2021-05-15 07:08:58 ----A---- C:\WINDOWS\system32\jscript.dll
2021-05-15 07:08:58 ----A---- C:\WINDOWS\system32\edgehtml.dll
2021-05-15 07:08:58 ----A---- C:\WINDOWS\system32\drivers\EhStorClass.sys
2021-05-15 07:08:58 ----A---- C:\WINDOWS\system32\DispBroker.Desktop.dll
2021-05-15 07:08:57 ----A---- C:\WINDOWS\system32\spaceman.exe
2021-05-15 07:08:57 ----A---- C:\WINDOWS\system32\mispace.dll
2021-05-15 07:08:56 ----A---- C:\WINDOWS\system32\Windows.Internal.PlatformExtension.MiracastBannerExperience.dll
2021-05-15 07:08:56 ----A---- C:\WINDOWS\system32\storagewmi.dll
2021-05-15 07:08:46 ----A---- C:\WINDOWS\system32\resutils.dll
2021-05-15 07:08:46 ----A---- C:\WINDOWS\system32\clusapi.dll
2021-05-15 07:08:46 ----A---- C:\WINDOWS\system32\CIDiag.exe
2021-05-15 07:08:45 ----A---- C:\WINDOWS\system32\tcbloader.dll
2021-05-15 07:08:45 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2021-05-15 07:08:45 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2021-05-15 07:08:44 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2021-05-15 07:08:44 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2021-05-15 07:08:44 ----A---- C:\WINDOWS\system32\hvloader.dll
2021-05-15 07:08:44 ----A---- C:\WINDOWS\system32\hvix64.exe
2021-05-15 07:08:44 ----A---- C:\WINDOWS\system32\hvax64.exe
2021-05-15 07:08:44 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\rtm.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\mprdim.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\iprtrmgr.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\iprtprio.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\fphc.dll
2021-05-15 07:08:43 ----A---- C:\WINDOWS\SYSWOW64\drvstore.dll
2021-05-15 07:08:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2021-05-15 07:08:41 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2021-05-15 07:08:41 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2021-05-15 07:08:41 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2021-05-15 07:08:41 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\winipsec.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\polstore.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\nshipsec.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\httpapi.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\FwRemoteSvr.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\DMAppsRes.dll
2021-05-15 07:08:40 ----A---- C:\WINDOWS\SYSWOW64\dabapi.dll
2021-05-15 07:08:39 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2021-05-15 07:08:39 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2021-05-15 07:08:39 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2021-05-15 07:08:39 ----A---- C:\WINDOWS\SYSWOW64\PCShellCommonProxyStub.dll
2021-05-15 07:08:39 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2021-05-15 07:08:39 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2021-05-15 07:08:39 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2021-05-15 07:08:38 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2021-05-15 07:08:38 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2021-05-15 07:08:38 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2021-05-15 07:08:38 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2021-05-15 07:08:38 ----A---- C:\WINDOWS\SYSWOW64\mskeyprotect.dll
2021-05-15 07:08:38 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2021-05-15 07:08:37 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2021-05-15 07:08:36 ----A---- C:\WINDOWS\SYSWOW64\wfapigp.dll
2021-05-15 07:08:36 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2021-05-15 07:08:36 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2021-05-15 07:08:36 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2021-05-15 07:08:36 ----A---- C:\WINDOWS\SYSWOW64\fwbase.dll
2021-05-15 07:08:36 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2021-05-15 07:08:35 ----A---- C:\WINDOWS\SYSWOW64\WordBreakers.dll
2021-05-15 07:08:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2021-05-15 07:08:35 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2021-05-15 07:08:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2021-05-15 07:08:35 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2021-05-15 07:08:35 ----A---- C:\WINDOWS\SYSWOW64\EditBufferTestHook.dll
2021-05-15 07:08:34 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.Ngc.dll
2021-05-15 07:08:34 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2021-05-15 07:08:34 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2021-05-15 07:08:34 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2021-05-15 07:08:34 ----A---- C:\WINDOWS\SYSWOW64\dsregtask.dll
2021-05-15 07:08:34 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2021-05-15 07:08:33 ----A---- C:\WINDOWS\SYSWOW64\SystemEventsBrokerClient.dll
2021-05-15 07:08:33 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2021-05-15 07:08:33 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2021-05-15 07:08:33 ----A---- C:\WINDOWS\SYSWOW64\aadauthhelper.dll
2021-05-15 07:08:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2021-05-15 07:08:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2021-05-15 07:08:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2021-05-15 07:08:29 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2021-05-15 07:08:29 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2021-05-15 07:08:29 ----A---- C:\WINDOWS\SYSWOW64\diskpart.exe
2021-05-15 07:08:28 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2021-05-15 07:08:28 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2021-05-15 07:08:27 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2021-05-15 07:08:26 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2021-05-15 07:08:26 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2021-05-15 07:08:25 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2021-05-15 07:08:24 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2021-05-15 07:08:24 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2021-05-15 07:08:24 ----A---- C:\WINDOWS\SYSWOW64\cmifw.dll
2021-05-15 07:08:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2021-05-15 07:08:23 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2021-05-15 07:08:23 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntime.dll
2021-05-15 07:08:23 ----A---- C:\WINDOWS\SYSWOW64\AarSvc.dll
2021-05-15 07:08:22 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntimewindows.dll
2021-05-15 07:08:22 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-15 07:08:16 ----A---- C:\WINDOWS\system32\shell32.dll
2021-05-15 07:08:16 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2021-05-15 07:08:15 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2021-05-15 07:08:15 ----A---- C:\WINDOWS\system32\vpnike.dll
2021-05-15 07:08:15 ----A---- C:\WINDOWS\system32\vbscript.dll
2021-05-15 07:08:15 ----A---- C:\WINDOWS\system32\rasmans.dll
2021-05-15 07:08:15 ----A---- C:\WINDOWS\system32\rasapi32.dll
2021-05-15 07:08:15 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2021-05-15 07:08:14 ----A---- C:\WINDOWS\system32\rtm.dll
2021-05-15 07:08:14 ----A---- C:\WINDOWS\system32\mprdim.dll
2021-05-15 07:08:14 ----A---- C:\WINDOWS\system32\mprddm.dll
2021-05-15 07:08:14 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2021-05-15 07:08:14 ----A---- C:\WINDOWS\system32\iprtprio.dll
2021-05-15 07:08:14 ----A---- C:\WINDOWS\system32\drivers\ipfltdrv.sys
2021-05-15 07:08:08 ----A---- C:\WINDOWS\system32\sppnp.dll
2021-05-15 07:08:08 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2021-05-15 07:08:08 ----A---- C:\WINDOWS\system32\fphc.dll
2021-05-15 07:08:08 ----A---- C:\WINDOWS\system32\drvstore.dll
2021-05-15 07:08:07 ----A---- C:\WINDOWS\system32\ubpm.dll
2021-05-15 07:08:07 ----A---- C:\WINDOWS\system32\taskschd.dll
2021-05-15 07:08:07 ----A---- C:\WINDOWS\system32\schedsvc.dll
2021-05-15 07:08:07 ----A---- C:\WINDOWS\system32\pnidui.dll
2021-05-15 07:08:07 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2021-05-15 07:08:06 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2021-05-15 07:08:06 ----A---- C:\WINDOWS\system32\LockController.dll
2021-05-15 07:08:06 ----A---- C:\WINDOWS\system32\drivers\scsiport.sys
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\winipsec.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\urlmon.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\polstore.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\nshipsec.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\msIso.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\IPSECSVC.DLL
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\iertutil.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\FwRemoteSvr.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\edgeIso.dll
2021-05-15 07:08:05 ----A---- C:\WINDOWS\system32\DMAppsRes.dll
2021-05-15 07:08:04 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2021-05-15 07:08:04 ----A---- C:\WINDOWS\system32\wkssvc.dll
2021-05-15 07:08:04 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2021-05-15 07:08:04 ----A---- C:\WINDOWS\system32\msctf.dll
2021-05-15 07:08:04 ----A---- C:\WINDOWS\system32\LogonController.dll
2021-05-15 07:08:04 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2021-05-15 07:08:04 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2021-05-15 07:08:03 ----A---- C:\WINDOWS\system32\KernelBase.dll
2021-05-15 07:08:03 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2021-05-15 07:08:03 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2021-05-15 07:08:03 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2021-05-15 07:08:02 ----A---- C:\WINDOWS\system32\smss.exe
2021-05-15 07:08:02 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2021-05-15 07:08:01 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\utcutil.dll
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\runexehelper.exe
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\ntdll.dll
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\hal.dll
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\diagnosticdataquery.dll
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\dabapi.dll
2021-05-15 07:08:00 ----A---- C:\WINDOWS\system32\dab.dll
2021-05-15 07:07:59 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2021-05-15 07:07:59 ----A---- C:\WINDOWS\system32\oleaut32.dll
2021-05-15 07:07:59 ----A---- C:\WINDOWS\system32\httpapi.dll
2021-05-15 07:07:59 ----A---- C:\WINDOWS\system32\drivers\http.sys
2021-05-15 07:07:59 ----A---- C:\WINDOWS\system32\diagtrack.dll
2021-05-15 07:07:59 ----A---- C:\WINDOWS\system32\ci.dll
2021-05-15 07:07:58 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2021-05-15 07:07:58 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2021-05-15 07:07:57 ----A---- C:\WINDOWS\system32\wow64.dll
2021-05-15 07:07:57 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2021-05-15 07:07:57 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2021-05-15 07:07:57 ----A---- C:\WINDOWS\system32\conhost.exe
2021-05-15 07:07:56 ----A---- C:\WINDOWS\system32\wimserv.exe
2021-05-15 07:07:56 ----A---- C:\WINDOWS\system32\wimgapi.dll
2021-05-15 07:07:56 ----A---- C:\WINDOWS\system32\dwmcore.dll
2021-05-15 07:07:56 ----A---- C:\WINDOWS\system32\drivers\wimmount.sys
2021-05-15 07:07:55 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2021-05-15 07:07:55 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2021-05-15 07:07:54 ----A---- C:\WINDOWS\system32\refsutil.exe
2021-05-15 07:07:53 ----A---- C:\WINDOWS\system32\uReFS.dll
2021-05-15 07:07:53 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2021-05-15 07:07:53 ----A---- C:\WINDOWS\system32\cldapi.dll
2021-05-15 07:07:51 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2021-05-15 07:07:51 ----A---- C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2021-05-15 07:07:51 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2021-05-15 07:07:51 ----A---- C:\WINDOWS\system32\appraiser.dll
2021-05-15 07:07:51 ----A---- C:\WINDOWS\system32\acmigration.dll
2021-05-15 07:07:50 ----A---- C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2021-05-15 07:07:50 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2021-05-15 07:07:50 ----A---- C:\WINDOWS\system32\invagent.dll
2021-05-15 07:07:50 ----A---- C:\WINDOWS\system32\ConstraintIndex.Search.dll
2021-05-15 07:07:50 ----A---- C:\WINDOWS\system32\aeinv.dll
2021-05-15 07:07:49 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2021-05-15 07:07:42 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2021-05-15 07:07:42 ----A---- C:\WINDOWS\system32\NotificationController.dll
2021-05-15 07:07:42 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2021-05-15 07:07:42 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2021-05-15 07:07:42 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2021-05-15 07:07:42 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2021-05-15 07:07:41 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2021-05-15 07:07:41 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2021-05-15 07:07:40 ----A---- C:\WINDOWS\system32\ReAgent.dll
2021-05-15 07:07:39 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2021-05-15 07:07:39 ----A---- C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2021-05-15 07:07:38 ----A---- C:\WINDOWS\system32\Windows.Internal.CapturePicker.Desktop.dll
2021-05-15 07:07:38 ----A---- C:\WINDOWS\system32\usosvc.dll
2021-05-15 07:07:38 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2021-05-15 07:07:38 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2021-05-15 07:07:38 ----A---- C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2021-05-15 07:07:38 ----A---- C:\WINDOWS\system32\MoUsoCoreWorker.exe
2021-05-15 07:07:38 ----A---- C:\WINDOWS\system32\AppResolver.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\wc_storage.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\SHCore.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\daxexec.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\container.dll
2021-05-15 07:07:37 ----A---- C:\WINDOWS\system32\bindfltapi.dll
2021-05-15 07:07:36 ----A---- C:\WINDOWS\system32\win32u.dll
2021-05-15 07:07:36 ----A---- C:\WINDOWS\system32\win32kfull.sys
2021-05-15 07:07:36 ----A---- C:\WINDOWS\system32\win32k.sys
2021-05-15 07:07:35 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2021-05-15 07:07:35 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2021-05-15 07:07:35 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2021-05-15 07:07:34 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2021-05-15 07:07:34 ----A---- C:\WINDOWS\system32\BFE.DLL
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\wfapigp.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\SystemEventsBrokerClient.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\icfupgd.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\fwmdmcsp.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\fwbase.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2021-05-15 07:07:33 ----A---- C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2021-05-15 07:07:32 ----A---- C:\WINDOWS\system32\windows.storage.dll
2021-05-15 07:07:31 ----A---- C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2021-05-15 07:07:31 ----A---- C:\WINDOWS\system32\ISM.dll
2021-05-15 07:07:30 ----A---- C:\WINDOWS\system32\tsf3gip.dll
2021-05-15 07:07:30 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2021-05-15 07:07:29 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2021-05-15 07:07:29 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2021-05-15 07:07:29 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2021-05-15 07:07:29 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2021-05-15 07:07:28 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2021-05-15 07:07:28 ----A---- C:\WINDOWS\system32\InputService.dll
2021-05-15 07:07:27 ----A---- C:\WINDOWS\system32\win32kbase.sys
2021-05-15 07:07:27 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2021-05-15 07:07:27 ----A---- C:\WINDOWS\system32\dxgi.dll
2021-05-15 07:07:26 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2021-05-15 07:07:25 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2021-05-15 07:07:25 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2021-05-15 07:07:25 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2021-05-15 07:07:25 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2021-05-15 07:07:25 ----A---- C:\WINDOWS\system32\cdd.dll
2021-05-15 07:07:24 ----A---- C:\WINDOWS\system32\oemlicense.dll
2021-05-15 07:07:24 ----A---- C:\WINDOWS\system32\licensingdiag.exe
2021-05-15 07:07:23 ----A---- C:\WINDOWS\system32\mskeyprotect.dll
2021-05-15 07:07:23 ----A---- C:\WINDOWS\system32\Clipc.dll
2021-05-15 07:07:22 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2021-05-15 07:07:22 ----A---- C:\WINDOWS\system32\certcli.dll
2021-05-15 07:07:21 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2021-05-15 07:07:21 ----A---- C:\WINDOWS\system32\appinfo.dll
2021-05-15 07:07:18 ----A---- C:\WINDOWS\system32\GameInput.dll
2021-05-15 07:07:17 ----A---- C:\WINDOWS\system32\aadtb.dll
2021-05-15 07:07:17 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2021-05-15 07:07:16 ----A---- C:\WINDOWS\system32\aadauthhelper.dll
2021-05-15 07:07:14 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2021-05-15 07:07:14 ----A---- C:\WINDOWS\system32\vdsbas.dll
2021-05-15 07:07:14 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2021-05-15 07:07:14 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2021-05-15 07:07:13 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2021-05-15 07:07:13 ----A---- C:\WINDOWS\system32\diskpart.exe
2021-05-15 07:07:12 ----A---- C:\WINDOWS\system32\twinui.dll
2021-05-15 07:07:12 ----A---- C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-15 07:07:11 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2021-05-15 07:07:11 ----A---- C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2021-05-15 07:07:11 ----A---- C:\WINDOWS\system32\Windows.Internal.PlatformExtension.DevicePickerExperience.dll
2021-05-15 07:07:11 ----A---- C:\WINDOWS\system32\wfdprov.dll
2021-05-15 07:07:11 ----A---- C:\WINDOWS\system32\usbmon.dll
2021-05-15 07:07:11 ----A---- C:\WINDOWS\system32\StartTileData.dll
2021-05-15 07:07:11 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2021-05-15 07:07:10 ----A---- C:\WINDOWS\system32\wlansec.dll
2021-05-15 07:07:10 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2021-05-15 07:07:09 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2021-05-15 07:07:09 ----A---- C:\WINDOWS\system32\wlansvc.dll
2021-05-15 07:07:09 ----A---- C:\WINDOWS\system32\wlanapi.dll
2021-05-15 07:07:09 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2021-05-15 07:07:09 ----A---- C:\WINDOWS\system32\stobject.dll
2021-05-15 07:07:09 ----A---- C:\WINDOWS\system32\dsregtask.dll
2021-05-15 07:07:09 ----A---- C:\WINDOWS\explorer.exe
2021-05-15 07:07:08 ----A---- C:\WINDOWS\system32\Wpc.dll
2021-05-15 07:07:08 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2021-05-15 07:07:08 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2021-05-15 07:07:08 ----A---- C:\WINDOWS\system32\spoolsv.exe
2021-05-15 07:07:08 ----A---- C:\WINDOWS\system32\dsreg.dll
2021-05-15 07:07:08 ----A---- C:\WINDOWS\system32\cmifw.dll
2021-05-15 07:07:07 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2021-05-15 07:07:07 ----A---- C:\WINDOWS\system32\WpcMon.exe
2021-05-15 07:07:07 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2021-05-15 07:07:07 ----A---- C:\WINDOWS\system32\WpcApi.dll
2021-05-15 07:07:07 ----A---- C:\WINDOWS\system32\ApproveChildRequest.exe
2021-05-15 07:07:06 ----A---- C:\WINDOWS\system32\WpcTok.exe
2021-05-15 07:07:06 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2021-05-15 07:07:05 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2021-05-15 07:07:05 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2021-05-15 07:07:05 ----A---- C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-15 07:07:04 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2021-05-15 07:07:04 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2021-05-15 07:07:04 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2021-05-15 07:07:04 ----A---- C:\WINDOWS\system32\autopilot.dll
2021-05-15 07:07:04 ----A---- C:\WINDOWS\system32\agentactivationruntimewindows.dll
2021-05-15 07:07:04 ----A---- C:\WINDOWS\system32\agentactivationruntime.dll
2021-05-15 07:07:04 ----A---- C:\WINDOWS\system32\AarSvc.dll
2021-05-15 07:06:58 ----A---- C:\WINDOWS\system32\drivers\vmstorfl.sys
2021-05-15 07:06:58 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2021-05-15 07:06:58 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\storufs.sys
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\sbp2port.sys
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\BthMini.SYS
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2021-05-15 07:06:57 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2021-05-15 07:06:56 ----A---- C:\WINDOWS\system32\drivers\usbvideo.sys
2021-05-15 07:06:56 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2021-05-14 22:54:35 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2021-05-14 22:54:33 ----A---- C:\WINDOWS\system32\poqexec.exe
2021-05-03 21:45:27 ----N---- C:\WINDOWS\KMSEmulator.exe
2021-05-01 11:31:08 ----D---- C:\Users\jiriw\AppData\Roaming\GHISLER
2021-05-01 11:31:08 ----D---- C:\totalcmd
2021-04-22 16:40:42 ----D---- C:\Users\jiriw\AppData\Roaming\Geek Uninstaller
2021-04-22 16:30:44 ----D---- C:\AdwCleaner
2021-04-22 16:22:18 ----D---- C:\Program Files\CCleaner
2021-04-22 16:07:02 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-20 17:06:54 ----A---- C:\WINDOWS\SYSWOW64\WinFax.dll
2021-04-20 17:06:54 ----A---- C:\WINDOWS\SYSWOW64\FXSRESM.dll
2021-04-20 17:06:54 ----A---- C:\WINDOWS\SYSWOW64\FXSCOMEX.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\SYSWOW64\FXSCOM.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\system32\WinFax.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\system32\FXSTIFF.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\system32\FXST30.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\system32\FXSRESM.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\system32\FXSCOM.dll
2021-04-20 17:06:53 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2021-04-20 17:06:47 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2021-04-20 17:06:47 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2021-04-20 17:06:47 ----A---- C:\WINDOWS\system32\fveapibase.dll
2021-04-20 17:06:47 ----A---- C:\WINDOWS\system32\fveapi.dll
2021-04-20 17:06:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll
2021-04-20 17:06:45 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll
2021-04-20 17:06:21 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL
2021-04-20 17:06:21 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2021-04-20 17:06:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2021-04-20 17:06:20 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2021-04-20 17:06:20 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2021-04-20 17:06:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2021-04-20 17:06:19 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2021-04-20 17:06:19 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2021-04-20 17:06:18 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2021-04-20 17:06:15 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2021-04-20 17:06:15 ----A---- C:\WINDOWS\system32\winmde.dll
2021-04-20 17:06:14 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2021-04-20 17:06:14 ----A---- C:\WINDOWS\system32\mfsvr.dll
2021-04-20 17:06:14 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2021-04-20 17:06:14 ----A---- C:\WINDOWS\system32\mfds.dll
2021-04-20 17:06:13 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2021-04-20 17:06:13 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2021-04-20 17:06:13 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2021-04-20 17:06:12 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2021-04-20 17:06:11 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecsRaw.dll
2021-04-20 17:06:08 ----A---- C:\WINDOWS\system32\WindowsCodecsRaw.dll
2021-04-20 17:06:05 ----A---- C:\WINDOWS\SYSWOW64\opengl32.dll
2021-04-20 17:06:05 ----A---- C:\WINDOWS\SYSWOW64\msisip.dll
2021-04-20 17:06:05 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2021-04-20 17:06:05 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2021-04-20 17:05:55 ----A---- C:\WINDOWS\SYSWOW64\mstext40.dll
2021-04-20 17:05:55 ----A---- C:\WINDOWS\SYSWOW64\msoert2.dll
2021-04-20 17:05:55 ----A---- C:\WINDOWS\SYSWOW64\INETRES.dll
2021-04-20 17:05:55 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\wincredprovider.dll
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\gpresult.exe
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\dxdiagn.dll
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\dpapiprovider.dll
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\dimsroam.dll
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\cngprovider.dll
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\capiprovider.dll
2021-04-20 17:05:51 ----A---- C:\WINDOWS\SYSWOW64\adprovider.dll
2021-04-20 17:05:50 ----A---- C:\WINDOWS\SYSWOW64\cleanmgr.exe
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\icsvcext.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhtask.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhsvcctl.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhsvc.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhshl.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhmanagew.exe
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhlisten.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhcleanup.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\fhcfg.dll
2021-04-20 17:05:45 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2021-04-20 17:05:44 ----A---- C:\WINDOWS\system32\SIHClient.exe
2021-04-20 17:05:44 ----A---- C:\WINDOWS\system32\fhsrchph.dll
2021-04-20 17:05:44 ----A---- C:\WINDOWS\system32\fhsrchapi.dll
2021-04-20 17:05:44 ----A---- C:\WINDOWS\system32\fhevents.dll
2021-04-20 17:05:44 ----A---- C:\WINDOWS\system32\fhengine.dll
2021-04-20 17:05:44 ----A---- C:\WINDOWS\system32\fhcat.dll
2021-04-20 17:05:43 ----A---- C:\WINDOWS\system32\PktMonApi.dll
2021-04-20 17:05:43 ----A---- C:\WINDOWS\system32\PktMon.exe
2021-04-20 17:05:43 ----A---- C:\WINDOWS\system32\pcwutl.dll
2021-04-20 17:05:43 ----A---- C:\WINDOWS\system32\pcwrun.exe
2021-04-20 17:05:43 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2021-04-20 17:05:43 ----A---- C:\WINDOWS\system32\drivers\PktMon.sys
2021-04-20 17:05:42 ----A---- C:\WINDOWS\system32\rdpudd.dll
2021-04-20 17:05:42 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2021-04-20 17:05:42 ----A---- C:\WINDOWS\system32\certreq.exe
2021-04-20 17:05:41 ----A---- C:\WINDOWS\system32\opengl32.dll
2021-04-20 17:05:41 ----A---- C:\WINDOWS\system32\odbcconf.dll
2021-04-20 17:05:41 ----A---- C:\WINDOWS\system32\msisip.dll
2021-04-20 17:05:41 ----A---- C:\WINDOWS\system32\msimsg.dll
2021-04-20 17:05:41 ----A---- C:\WINDOWS\system32\msi.dll
2021-04-20 17:05:41 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2021-04-20 17:05:40 ----A---- C:\WINDOWS\system32\msoert2.dll
2021-04-20 17:05:40 ----A---- C:\WINDOWS\system32\INETRES.dll
2021-04-20 17:05:40 ----A---- C:\WINDOWS\system32\inetcomm.dll
2021-04-20 17:05:37 ----A---- C:\WINDOWS\system32\vbsapi.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\wincredprovider.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\StorSvc.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\gpresult.exe
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\dpapiprovider.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\dimsroam.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\cngprovider.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\capiprovider.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\system32\adprovider.dll
2021-04-20 17:05:36 ----A---- C:\WINDOWS\HelpPane.exe
2021-04-20 17:05:35 ----A---- C:\WINDOWS\system32\vmdevicehost.dll
2021-04-20 17:05:35 ----A---- C:\WINDOWS\system32\computestorage.dll
2021-04-20 17:05:35 ----A---- C:\WINDOWS\system32\computecore.dll
2021-04-20 17:05:32 ----A---- C:\WINDOWS\system32\securekernel.exe
2021-04-20 17:05:31 ----A---- C:\WINDOWS\system32\NgcIsoCtnr.dll
2021-04-20 17:05:25 ----A---- C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2021-04-20 17:05:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.FileExplorer.dll
2021-04-20 17:05:24 ----A---- C:\WINDOWS\SYSWOW64\twext.dll
2021-04-20 17:05:24 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2021-04-20 17:05:23 ----A---- C:\WINDOWS\SYSWOW64\joinutil.dll
2021-04-20 17:05:23 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2021-04-20 17:05:21 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2021-04-20 17:05:20 ----A---- C:\WINDOWS\SYSWOW64\pdh.dll
2021-04-20 17:05:20 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2021-04-20 17:05:20 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2021-04-20 17:05:20 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2021-04-20 17:05:20 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2021-04-20 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2021-04-20 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2021-04-20 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2021-04-20 17:05:18 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2021-04-20 17:05:18 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2021-04-20 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\MuiUnattend.exe
2021-04-20 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2021-04-20 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2021-04-20 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2021-04-20 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2021-04-20 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\credprovs.dll
2021-04-20 17:05:16 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2021-04-20 17:05:16 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2021-04-20 17:05:16 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2021-04-20 17:05:16 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2021-04-20 17:05:16 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2021-04-20 17:05:15 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2021-04-20 17:05:15 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2021-04-20 17:05:15 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2021-04-20 17:05:15 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2021-04-20 17:05:15 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2021-04-20 17:05:15 ----A---- C:\WINDOWS\SYSWOW64\cryptnet.dll
2021-04-20 17:05:14 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2021-04-20 17:05:14 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2021-04-20 17:05:14 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2021-04-20 17:05:14 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2021-04-20 17:05:14 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\winsku.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\winbrand.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\shimeng.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\pcaui.exe
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\DeviceFlows.DataModel.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\CredProvHelper.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\Apphlpdm.dll
2021-04-20 17:05:13 ----A---- C:\WINDOWS\SYSWOW64\apphelp.dll
2021-04-20 17:05:12 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2021-04-20 17:05:12 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2021-04-20 17:05:11 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2021-04-20 17:05:11 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2021-04-20 17:05:11 ----A---- C:\WINDOWS\SYSWOW64\msxml6r.dll
2021-04-20 17:05:11 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2021-04-20 17:05:11 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2021-04-20 17:05:10 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2021-04-20 17:05:10 ----A---- C:\WINDOWS\SYSWOW64\dmxmlhelputils.dll
2021-04-20 17:05:10 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2021-04-20 17:05:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2021-04-20 17:05:09 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2021-04-20 17:05:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2021-04-20 17:05:08 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2021-04-20 17:05:08 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2021-04-20 17:05:08 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2021-04-20 17:05:08 ----A---- C:\WINDOWS\SYSWOW64\InputHost.dll
2021-04-20 17:05:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Display.DisplayEnhancementOverride.dll
2021-04-20 17:05:07 ----A---- C:\WINDOWS\SYSWOW64\LicenseManagerApi.dll
2021-04-20 17:05:06 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2021-04-20 17:05:06 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2021-04-20 17:05:06 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2021-04-20 17:05:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2021-04-20 17:05:05 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2021-04-20 17:05:04 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\WsmWmiPl.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\WsmRes.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\wsmprovhost.exe
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\wsmplpxy.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\WsmAuto.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\WSManMigrationPlugin.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\WSManHTTPConfig.exe
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\WsmAgent.dll
2021-04-20 17:05:03 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2021-04-20 17:05:02 ----A---- C:\WINDOWS\SYSWOW64\taskcomp.dll
2021-04-20 17:05:02 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2021-04-20 17:05:01 ----A---- C:\WINDOWS\SYSWOW64\TaskSchdPS.dll
2021-04-20 17:05:01 ----A---- C:\WINDOWS\SYSWOW64\sppcext.dll
2021-04-20 17:05:01 ----A---- C:\WINDOWS\SYSWOW64\schtasks.exe
2021-04-20 17:05:01 ----A---- C:\WINDOWS\SYSWOW64\onex.dll
2021-04-20 17:05:00 ----A---- C:\WINDOWS\SYSWOW64\tbs.dll
2021-04-20 17:04:59 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2021-04-20 17:04:50 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2021-04-20 17:04:50 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2021-04-20 17:04:50 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2021-04-20 17:04:50 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2021-04-20 17:04:49 ----A---- C:\WINDOWS\SYSWOW64\SpatialAudioLicenseSrv.exe
2021-04-20 17:04:49 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2021-04-20 17:04:49 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2021-04-20 17:04:49 ----A---- C:\WINDOWS\system32\spwizres.dll
2021-04-20 17:04:47 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2021-04-20 17:04:47 ----A---- C:\WINDOWS\system32\twext.dll
2021-04-20 17:04:46 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2021-04-20 17:04:46 ----A---- C:\WINDOWS\system32\rascustom.dll
2021-04-20 17:04:46 ----A---- C:\WINDOWS\system32\drvinst.exe
2021-04-20 17:04:46 ----A---- C:\WINDOWS\system32\comdlg32.dll
2021-04-20 17:04:45 ----A---- C:\WINDOWS\system32\npmproxy.dll
2021-04-20 17:04:45 ----A---- C:\WINDOWS\system32\nlmsprep.dll
2021-04-20 17:04:45 ----A---- C:\WINDOWS\system32\nlmproxy.dll
2021-04-20 17:04:45 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2021-04-20 17:04:45 ----A---- C:\WINDOWS\system32\netprofm.dll
2021-04-20 17:04:45 ----A---- C:\WINDOWS\system32\joinutil.dll
2021-04-20 17:04:43 ----A---- C:\WINDOWS\system32\WPTaskScheduler.dll
2021-04-20 17:04:43 ----A---- C:\WINDOWS\system32\TaskSchdPS.dll
2021-04-20 17:04:43 ----A---- C:\WINDOWS\system32\taskhostw.exe
2021-04-20 17:04:43 ----A---- C:\WINDOWS\system32\taskcomp.dll
2021-04-20 17:04:42 ----A---- C:\WINDOWS\system32\WUDFx02000.dll
2021-04-20 17:04:42 ----A---- C:\WINDOWS\system32\TabSvc.dll
2021-04-20 17:04:42 ----A---- C:\WINDOWS\system32\schtasks.exe
2021-04-20 17:04:42 ----A---- C:\WINDOWS\system32\ktmw32.dll
2021-04-20 17:04:42 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2021-04-20 17:04:41 ----A---- C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2021-04-20 17:04:41 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2021-04-20 17:04:41 ----A---- C:\WINDOWS\system32\gdi32full.dll
2021-04-20 17:04:40 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2021-04-20 17:04:40 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2021-04-20 17:04:40 ----A---- C:\WINDOWS\system32\pdh.dll
2021-04-20 17:04:40 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2021-04-20 17:04:40 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2021-04-20 17:04:40 ----A---- C:\WINDOWS\system32\d3d9.dll
2021-04-20 17:04:40 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2021-04-20 17:04:39 ----A---- C:\WINDOWS\system32\omadmclient.exe
2021-04-20 17:04:39 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2021-04-20 17:04:39 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2021-04-20 17:04:39 ----A---- C:\WINDOWS\system32\DMPushRouterCore.dll
2021-04-20 17:04:39 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2021-04-20 17:04:39 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2021-04-20 17:04:38 ----A---- C:\WINDOWS\system32\shutdownux.dll
2021-04-20 17:04:38 ----A---- C:\WINDOWS\system32\policymanager.dll
2021-04-20 17:04:38 ----A---- C:\WINDOWS\system32\MuiUnattend.exe
2021-04-20 17:04:38 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2021-04-20 17:04:38 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2021-04-20 17:04:38 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2021-04-20 17:04:38 ----A---- C:\WINDOWS\system32\credprovs.dll
2021-04-20 17:04:37 ----A---- C:\WINDOWS\system32\winlogon.exe
2021-04-20 17:04:37 ----A---- C:\WINDOWS\system32\usermgr.dll
2021-04-20 17:04:37 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2021-04-20 17:04:37 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2021-04-20 17:04:28 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2021-04-20 17:04:28 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2021-04-20 17:04:27 ----A---- C:\WINDOWS\system32\lpk.dll
2021-04-20 17:04:27 ----A---- C:\WINDOWS\system32\fontsub.dll
2021-04-20 17:04:27 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2021-04-20 17:04:27 ----A---- C:\WINDOWS\system32\dciman32.dll
2021-04-20 17:04:25 ----A---- C:\WINDOWS\system32\sechost.dll
2021-04-20 17:04:24 ----A---- C:\WINDOWS\system32\sspisrv.dll
2021-04-20 17:04:24 ----A---- C:\WINDOWS\system32\sspicli.dll
2021-04-20 17:04:24 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2021-04-20 17:04:24 ----A---- C:\WINDOWS\system32\lsass.exe
2021-04-20 17:04:24 ----A---- C:\WINDOWS\system32\drivers\WdfLdr.sys
2021-04-20 17:04:24 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2021-04-20 17:04:24 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2021-04-20 17:04:23 ----A---- C:\WINDOWS\system32\services.exe
2021-04-20 17:04:23 ----A---- C:\WINDOWS\system32\drivers\Wdf01000.sys
2021-04-20 17:04:20 ----A---- C:\WINDOWS\system32\wermgr.exe
2021-04-20 17:04:20 ----A---- C:\WINDOWS\system32\weretw.dll
2021-04-20 17:04:20 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2021-04-20 17:04:20 ----A---- C:\WINDOWS\system32\wer.dll
2021-04-20 17:04:18 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2021-04-20 17:04:18 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2021-04-20 17:04:17 ----A---- C:\WINDOWS\system32\lsasrv.dll
2021-04-20 17:04:16 ----A---- C:\WINDOWS\system32\winhttp.dll
2021-04-20 17:04:16 ----A---- C:\WINDOWS\system32\webio.dll
2021-04-20 17:04:16 ----A---- C:\WINDOWS\system32\pacjsworker.exe
2021-04-20 17:04:15 ----A---- C:\WINDOWS\system32\tzres.dll
2021-04-20 17:04:15 ----A---- C:\WINDOWS\system32\samsrv.dll
2021-04-20 17:04:15 ----A---- C:\WINDOWS\system32\samlib.dll
2021-04-20 17:04:15 ----A---- C:\WINDOWS\system32\profsvc.dll
2021-04-20 17:04:15 ----A---- C:\WINDOWS\system32\offlinesam.dll
2021-04-20 17:04:14 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2021-04-20 17:04:14 ----A---- C:\WINDOWS\system32\dcntel.dll
2021-04-20 17:04:13 ----A---- C:\WINDOWS\system32\rpcss.dll
2021-04-20 17:04:13 ----A---- C:\WINDOWS\system32\cryptnet.dll
2021-04-20 17:04:12 ----A---- C:\WINDOWS\system32\WinTypes.dll
2021-04-20 17:04:12 ----A---- C:\WINDOWS\system32\wincorlib.dll
2021-04-20 17:04:11 ----A---- C:\WINDOWS\system32\combase.dll
2021-04-20 17:04:11 ----A---- C:\WINDOWS\system32\aepic.dll
2021-04-20 17:04:10 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2021-04-20 17:04:09 ----A---- C:\WINDOWS\system32\dnsapi.dll
2021-04-20 17:04:07 ----A---- C:\WINDOWS\system32\dcomp.dll
2021-04-20 17:04:06 ----A---- C:\WINDOWS\system32\winsku.dll
2021-04-20 17:04:06 ----A---- C:\WINDOWS\system32\uDWM.dll
2021-04-20 17:04:05 ----A---- C:\WINDOWS\system32\winbrand.dll
2021-04-20 17:04:05 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2021-04-20 17:04:04 ----A---- C:\WINDOWS\system32\winload.exe
2021-04-20 17:04:04 ----A---- C:\WINDOWS\system32\cxcredprov.dll
2021-04-20 17:04:03 ----A---- C:\WINDOWS\system32\CredProvHelper.dll
2021-04-20 17:04:03 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2021-04-20 17:04:03 ----A---- C:\WINDOWS\system32\cflapi.dll
2021-04-20 17:04:03 ----A---- C:\WINDOWS\system32\appidsvc.dll
2021-04-20 17:04:03 ----A---- C:\WINDOWS\system32\appidpolicyconverter.exe
2021-04-20 17:04:03 ----A---- C:\WINDOWS\system32\appidcertstorecheck.exe
2021-04-20 17:04:03 ----A---- C:\WINDOWS\system32\appidapi.dll
2021-04-20 17:04:02 ----A---- C:\WINDOWS\system32\shimeng.dll
2021-04-20 17:04:02 ----A---- C:\WINDOWS\system32\sdbinst.exe
2021-04-20 17:04:02 ----A---- C:\WINDOWS\system32\generaltel.dll
2021-04-20 17:04:02 ----A---- C:\WINDOWS\system32\apphelp.dll
2021-04-20 17:04:01 ----A---- C:\WINDOWS\system32\pcaevts.dll
2021-04-20 17:04:01 ----A---- C:\WINDOWS\system32\devinv.dll
2021-04-20 17:04:00 ----A---- C:\WINDOWS\system32\pcalua.exe
2021-04-20 17:04:00 ----A---- C:\WINDOWS\system32\pcadm.dll
2021-04-20 17:03:59 ----A---- C:\WINDOWS\system32\pcaui.exe
2021-04-20 17:03:59 ----A---- C:\WINDOWS\system32\pcasvc.dll
2021-04-20 17:03:59 ----A---- C:\WINDOWS\system32\Apphlpdm.dll
2021-04-20 17:03:58 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2021-04-20 17:03:58 ----A---- C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2021-04-20 17:03:58 ----A---- C:\WINDOWS\system32\aitstatic.exe
2021-04-20 17:03:52 ----A---- C:\WINDOWS\system32\WsmRes.dll
2021-04-20 17:03:52 ----A---- C:\WINDOWS\system32\wsmprovhost.exe
2021-04-20 17:03:52 ----A---- C:\WINDOWS\system32\wsmplpxy.dll
2021-04-20 17:03:52 ----A---- C:\WINDOWS\system32\WSManMigrationPlugin.dll
2021-04-20 17:03:52 ----A---- C:\WINDOWS\system32\WSManHTTPConfig.exe
2021-04-20 17:03:52 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2021-04-20 17:03:51 ----A---- C:\WINDOWS\system32\WsmWmiPl.dll
2021-04-20 17:03:51 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2021-04-20 17:03:51 ----A---- C:\WINDOWS\system32\WsmAuto.dll
2021-04-20 17:03:51 ----A---- C:\WINDOWS\system32\WsmAgent.dll
2021-04-20 17:03:45 ----A---- C:\WINDOWS\system32\wups2.dll
2021-04-20 17:03:45 ----A---- C:\WINDOWS\system32\wuauclt.exe
2021-04-20 17:03:45 ----A---- C:\WINDOWS\system32\virtdisk.dll
2021-04-20 17:03:45 ----A---- C:\WINDOWS\system32\convertvhd.exe
2021-04-20 17:03:44 ----A---- C:\WINDOWS\system32\wups.dll
2021-04-20 17:03:44 ----A---- C:\WINDOWS\system32\wuaueng.dll
2021-04-20 17:03:44 ----A---- C:\WINDOWS\system32\wuapi.dll
2021-04-20 17:03:44 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2021-04-20 17:03:44 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2021-04-20 17:03:44 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2021-04-20 17:03:43 ----A---- C:\WINDOWS\system32\UsoClient.exe
2021-04-20 17:03:43 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2021-04-20 17:03:43 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2021-04-20 17:03:43 ----A---- C:\WINDOWS\system32\MusNotification.exe
2021-04-20 17:03:42 ----A---- C:\WINDOWS\system32\usoapi.dll
2021-04-20 17:03:41 ----A---- C:\WINDOWS\system32\wcimage.dll
2021-04-20 17:03:41 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2021-04-20 17:03:41 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2021-04-20 17:03:41 ----A---- C:\WINDOWS\system32\drivers\condrv.sys
2021-04-20 17:03:40 ----A---- C:\WINDOWS\system32\user32.dll
2021-04-20 17:03:40 ----A---- C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-20 17:03:39 ----A---- C:\WINDOWS\system32\wpnapps.dll
2021-04-20 17:03:39 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2021-04-20 17:03:39 ----A---- C:\WINDOWS\system32\drivers\CEA.sys
2021-04-20 17:03:38 ----A---- C:\WINDOWS\system32\EventAggregation.dll
2021-04-20 17:03:38 ----A---- C:\WINDOWS\system32\BrokerLib.dll
2021-04-20 17:03:37 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2021-04-20 17:03:36 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2021-04-20 17:03:36 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2021-04-20 17:03:36 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2021-04-20 17:03:36 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2021-04-20 17:03:36 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2021-04-20 17:03:35 ----A---- C:\WINDOWS\system32\LicenseManagerApi.dll
2021-04-20 17:03:35 ----A---- C:\WINDOWS\system32\InstallService.dll
2021-04-20 17:03:35 ----A---- C:\WINDOWS\system32\InputHost.dll
2021-04-20 17:03:33 ----A---- C:\WINDOWS\system32\Windows.Graphics.Display.DisplayEnhancementOverride.dll
2021-04-20 17:03:33 ----A---- C:\WINDOWS\system32\directxdatabaseupdater.exe
2021-04-20 17:03:32 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2021-04-20 17:03:32 ----A---- C:\WINDOWS\system32\dxgiadaptercache.exe
2021-04-20 17:03:31 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2021-04-20 17:03:28 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2021-04-20 17:03:28 ----A---- C:\WINDOWS\system32\msxml6r.dll
2021-04-20 17:03:28 ----A---- C:\WINDOWS\system32\msxml6.dll
2021-04-20 17:03:27 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2021-04-20 17:03:27 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2021-04-20 17:03:27 ----A---- C:\WINDOWS\system32\cryptngc.dll
2021-04-20 17:03:26 ----A---- C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2021-04-20 17:03:26 ----A---- C:\WINDOWS\system32\drivers\watchdog.sys
2021-04-20 17:03:26 ----A---- C:\WINDOWS\system32\dmxmlhelputils.dll
2021-04-20 17:03:25 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2021-04-20 17:03:22 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2021-04-20 17:03:22 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2021-04-20 17:03:21 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2021-04-20 17:03:21 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2021-04-20 17:03:21 ----A---- C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2021-04-20 17:03:21 ----A---- C:\WINDOWS\system32\cloudAP.dll
2021-04-20 17:03:20 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2021-04-20 17:03:20 ----A---- C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2021-04-20 17:03:19 ----A---- C:\WINDOWS\system32\authui.dll
2021-04-20 17:03:18 ----A---- C:\WINDOWS\system32\kernel32.dll
2021-04-20 17:03:17 ----A---- C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2021-04-20 17:03:17 ----A---- C:\WINDOWS\system32\lsm.dll
2021-04-20 17:03:16 ----A---- C:\WINDOWS\system32\onex.dll
2021-04-20 17:03:16 ----A---- C:\WINDOWS\system32\LicensingCSP.dll
2021-04-20 17:03:11 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2021-04-20 17:03:11 ----A---- C:\WINDOWS\system32\tbs.dll
2021-04-20 17:03:11 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2021-04-20 17:03:11 ----A---- C:\WINDOWS\system32\drivers\tbs.sys
2021-04-20 17:03:10 ----A---- C:\WINDOWS\system32\wmicmiplugin.dll
2021-04-20 17:03:08 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2021-04-20 17:03:08 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2021-04-20 17:03:08 ----A---- C:\WINDOWS\system32\drivers\fsdepends.sys
2021-04-20 17:03:08 ----A---- C:\WINDOWS\system32\drivers\cmimcext.sys
2021-04-20 17:03:08 ----A---- C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2021-04-20 17:03:08 ----A---- C:\WINDOWS\system32\AudioSes.dll
2021-04-20 17:03:08 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2021-04-20 17:03:07 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2021-04-20 17:03:07 ----A---- C:\WINDOWS\system32\audiosrv.dll
2021-04-20 17:03:07 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2021-04-20 17:03:07 ----A---- C:\WINDOWS\system32\AudioEng.dll
2021-04-20 17:03:07 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2021-04-20 17:03:07 ----A---- C:\WINDOWS\system32\audiodg.exe
2021-04-20 17:03:06 ----A---- C:\WINDOWS\system32\Windows.Internal.System.UserProfile.dll
2021-04-20 17:03:06 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2021-04-20 17:03:05 ----A---- C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2021-04-20 17:03:03 ----A---- C:\WINDOWS\system32\drivers\Synth3dVsc.sys
2021-04-20 17:03:03 ----A---- C:\WINDOWS\system32\drivers\RfxVmt.sys
2021-04-20 17:03:03 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2021-04-20 17:03:01 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2021-04-20 17:03:01 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2021-04-20 17:03:01 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2021-04-20 17:03:01 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\storahci.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\pciidex.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\pciide.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\intelide.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\ataport.sys
2021-04-20 17:03:00 ----A---- C:\WINDOWS\system32\drivers\atapi.sys
2021-04-20 17:02:58 ----A---- C:\WINDOWS\system32\drivers\BthA2dp.sys
======List of files/folders modified in the last 1 month======
2021-05-15 19:31:30 ----D---- C:\Program Files
2021-05-15 19:26:49 ----D---- C:\WINDOWS\Temp
2021-05-15 19:26:25 ----D---- C:\WINDOWS\INF
2021-05-15 19:26:20 ----D---- C:\WINDOWS\Prefetch
2021-05-15 19:22:04 ----D---- C:\WINDOWS\system32\config
2021-05-15 19:19:53 ----D---- C:\WINDOWS\debug
2021-05-15 19:19:53 ----D---- C:\Windows
2021-05-15 19:18:40 ----D---- C:\WINDOWS\system32\sru
2021-05-15 19:17:58 ----D---- C:\WINDOWS\system32\SleepStudy
2021-05-15 11:40:27 ----D---- C:\WINDOWS\AppReadiness
2021-05-15 11:40:19 ----D---- C:\WINDOWS\System32
2021-05-15 11:40:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-15 11:33:00 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2021-05-15 11:32:24 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2021-05-15 11:32:14 ----D---- C:\WINDOWS\system32\Tasks
2021-05-15 11:31:54 ----D---- C:\WINDOWS\system32\drivers
2021-05-15 11:31:29 ----ASH---- C:\DumpStack.log.tmp
2021-05-15 10:47:21 ----D---- C:\WINDOWS\WinSxS
2021-05-15 10:42:11 ----D---- C:\WINDOWS\system32\DriverStore
2021-05-15 10:39:30 ----D---- C:\WINDOWS\system32\catroot2
2021-05-15 10:38:01 ----D---- C:\WINDOWS\SYSWOW64\WinMetadata
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\wbem
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\setup
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\oobe
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\migration
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\Dism
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2021-05-15 10:38:00 ----D---- C:\WINDOWS\SysWOW64
2021-05-15 10:37:54 ----D---- C:\WINDOWS\SystemResources
2021-05-15 10:37:50 ----D---- C:\WINDOWS\system32\WinMetadata
2021-05-15 10:37:49 ----D---- C:\WINDOWS\system32\wbem
2021-05-15 10:37:49 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2021-05-15 10:37:49 ----D---- C:\WINDOWS\system32\setup
2021-05-15 10:37:49 ----D---- C:\WINDOWS\system32\OpenSSH
2021-05-15 10:37:49 ----D---- C:\WINDOWS\system32\oobe
2021-05-15 10:37:49 ----D---- C:\WINDOWS\system32\migration
2021-05-15 10:37:49 ----D---- C:\WINDOWS\system32\lt-LT
2021-05-15 10:37:48 ----D---- C:\WINDOWS\system32\en-US
2021-05-15 10:37:48 ----D---- C:\WINDOWS\system32\en-GB
2021-05-15 10:37:48 ----D---- C:\WINDOWS\system32\drivers\en-GB
2021-05-15 10:37:48 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2021-05-15 10:37:48 ----D---- C:\WINDOWS\system32\Dism
2021-05-15 10:37:48 ----D---- C:\WINDOWS\system32\cs-CZ
2021-05-15 10:37:48 ----D---- C:\WINDOWS\system32\Boot
2021-05-15 10:37:35 ----RD---- C:\WINDOWS\PrintDialog
2021-05-15 10:37:35 ----D---- C:\WINDOWS\Provisioning
2021-05-15 10:37:35 ----D---- C:\WINDOWS\PolicyDefinitions
2021-05-15 10:37:34 ----D---- C:\WINDOWS\en-GB
2021-05-15 10:37:34 ----D---- C:\WINDOWS\DiagTrack
2021-05-15 10:37:34 ----D---- C:\WINDOWS\cs-CZ
2021-05-15 10:37:34 ----D---- C:\WINDOWS\bcastdvr
2021-05-15 10:37:34 ----D---- C:\WINDOWS\apppatch
2021-05-15 10:37:04 ----D---- C:\WINDOWS\system32\drivers\UMDF
2021-05-15 07:59:36 ----RD---- C:\WINDOWS\Microsoft.NET
2021-05-15 07:45:52 ----D---- C:\WINDOWS\CbsTemp
2021-05-15 07:41:42 ----A---- C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-15 07:38:49 ----SHD---- C:\WINDOWS\Installer
2021-05-15 07:38:48 ----SHD---- C:\Config.Msi
2021-05-15 06:40:47 ----SHD---- C:\System Volume Information
2021-05-14 23:13:45 ----HD---- C:\Program Files\WindowsApps
2021-05-14 22:52:34 ----D---- C:\WINDOWS\system32\MRT
2021-05-14 16:31:12 ----AC---- C:\WINDOWS\system32\MRT.exe
2021-05-11 21:27:01 ----D---- C:\WINDOWS\SoftwareDistribution
2021-05-07 02:56:50 ----D---- C:\KMPlayer
2021-05-03 21:45:30 ----A---- C:\WINDOWS\AutoKMS.ini
2021-05-01 09:49:43 ----D---- C:\WINDOWS\system32\Logs
2021-05-01 09:49:42 ----D---- C:\Program Files\Microsoft Update Health Tools
2021-04-23 21:17:32 ----D---- C:\ProgramData\Microsoft Help
2021-04-22 16:54:40 ----D---- C:\Users\jiriw\AppData\Roaming\Wise Disk Cleaner
2021-04-22 16:50:59 ----D---- C:\Program Files (x86)\TeamViewer
2021-04-22 16:50:57 ----RSD---- C:\WINDOWS\Fonts
2021-04-22 16:47:32 ----HD---- C:\ProgramData
2021-04-22 16:35:06 ----D---- C:\ProgramData\HP
2021-04-22 16:34:29 ----HD---- C:\hp
2021-04-22 16:34:29 ----D---- C:\Program Files (x86)\HP
2021-04-22 16:34:28 ----D---- C:\WINDOWS\system32\HP
2021-04-22 16:34:26 ----D---- C:\Users\jiriw\AppData\Roaming\Hewlett-Packard
2021-04-22 16:34:26 ----D---- C:\ProgramData\Hewlett-Packard
2021-04-22 16:08:45 ----D---- C:\WINDOWS\system32\WDI
2021-04-22 16:00:20 ----D---- C:\Program Files (x86)\Wise
2021-04-21 16:59:36 ----RD---- C:\WINDOWS\assembly
2021-04-21 16:52:04 ----D---- C:\WINDOWS\system32\CatRoot
2021-04-21 16:50:29 ----SD---- C:\WINDOWS\system32\DiagSvcs
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\zh-TW
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\zh-CN
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\uk-UA
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\tr-TR
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\th-TH
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\sv-SE
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\sl-SI
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\sk-SK
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\ru-RU
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\ro-RO
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\pt-PT
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\pt-BR
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\pl-PL
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\nl-NL
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\nb-NO
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\lv-LV
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\ko-KR
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\ja-jp
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\it-IT
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\hu-HU
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\hr-HR
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\he-IL
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\fr-FR
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\fr-CA
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\fi-FI
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\et-EE
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\es-MX
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\es-ES
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\el-GR
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\drivers\en-US
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\de-DE
2021-04-21 16:50:29 ----D---- C:\WINDOWS\system32\da-DK
2021-04-21 16:50:28 ----D---- C:\WINDOWS\system32\bg-BG
2021-04-21 16:50:28 ----D---- C:\WINDOWS\system32\ar-SA
2021-04-20 17:03:02 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2021-04-20 15:17:53 ----D---- C:\WINDOWS\Logs
2021-04-18 15:54:58 ----D---- C:\WINDOWS\system32\drivers\wd
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdpsp;@oem28.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\System32\drivers\amdpsp.sys [2019-06-27 138064]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-12-07 57360]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-09-28 41984]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2021-03-18 91136]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 NNSDNS;NNSDNS; C:\WINDOWS\system32\DRIVERS\NNSDNS.sys [2020-12-02 141088]
R1 NNSHTTP;NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [2020-12-02 212768]
R1 NNSHTTPS;NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [2020-12-02 125728]
R1 NNSIDS;NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [2020-12-02 132384]
R1 NNSNAHSL;NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [2020-11-23 111296]
R1 NNSPICC;NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [2020-12-02 152864]
R1 NNSPIHSW;NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [2020-12-02 102688]
R1 NNSPOP3;NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [2020-12-02 135456]
R1 NNSPROT;NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [2020-12-02 347424]
R1 NNSPRV;NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [2020-12-10 353592]
R1 NNSSMTP;NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [2020-12-02 123168]
R1 NNSSTRM;NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [2020-12-02 327968]
R1 PSINKNC;PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [2020-12-02 216864]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2021-05-15 148816]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2021-05-15 495616]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2020-10-28 53248]
R2 PSINAflt;PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [2020-12-02 195872]
R2 PSINFile;PSINFile; C:\WINDOWS\system32\DRIVERS\PSINFile.sys [2020-12-27 171296]
R2 PSINProc;PSINProc; C:\WINDOWS\system32\DRIVERS\PSINProc.sys [2020-12-27 148768]
R2 PSINProt;PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [2020-12-02 160544]
R2 PSINReg;PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [2020-12-02 130336]
R3 aftap0901;@oem52.inf,%DeviceDescription%;AnchorFree TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\aftap0901.sys [2017-11-16 48624]
R3 AmdAS4;@oem11.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\WINDOWS\System32\drivers\AmdAS4.sys [2019-05-10 35848]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0342174.inf_amd64_8d1532c19168217b\B342118\atikmdag.sys [2019-05-10 53511472]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0342174.inf_amd64_8d1532c19168217b\B342118\atikmpag.sys [2019-05-10 592176]
R3 AtiHDAudioService;@oem29.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2019-05-10 108152]
R3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2021-04-20 284672]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2021-05-15 113664]
R3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2019-12-07 65536]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2020-09-28 106496]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-12-07 133632]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2021-05-15 1560064]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2021-05-15 110592]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
R3 HPCustomCapDriver;@oem34.inf,%HPCustomCapDriverDesc%;HP Application Driver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [2019-04-18 25024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2020-04-24 7328856]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2020-09-28 322376]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
R3 rt640x64;@oem23.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2019-03-28 1137928]
R3 RtkBtFilter;@oem15.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [2019-11-30 787232]
R3 RTWlanE;@oem2.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2019-12-04 11722328]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 psinelam;psinelam; C:\WINDOWS\system32\DRIVERS\psinelam.sys [2020-07-10 21432]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-12-07 158736]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2020-10-28 18432]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2021-05-15 45568]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2021-05-15 95056]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2020-10-28 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2020-09-28 386048]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 MpKsl4cc06120;MpKsl4cc06120; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38D8FB3F-87FD-43E2-9331-3932A9C701A7}\MpKslDrv.sys [2021-04-20 97528]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2021-02-15 207360]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2021-04-20 129872]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 PSKMAD;PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [2019-02-20 72984]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-07 990008]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 RTSUER;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2019-03-26 442664]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-01-25 169672]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0342174.inf_amd64_8d1532c19168217b\B342118\atiesrxx.exe [2019-05-10 506672]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R2 CDPUserSvc_67973;Uživatelská služba platformy připojených zařízení_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
R2 HPAppHelperCap;@oem50.inf,%ServiceAppHelperDesc%;HP App Helper HSA Service; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\AppHelperCap.exe [2021-03-24 731152]
R2 HPDiagsCap;@oem50.inf,%ServiceDiagsDesc%;HP Diagnostics HSA Service; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\DiagsCap.exe [2021-03-24 728608]
R2 HPNetworkCap;@oem50.inf,%ServiceNetworkDesc%;HP Network HSA Service; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\NetworkCap.exe [2021-03-24 728608]
R2 HPSysInfoCap;@oem50.inf,%ServiceSysInfoDesc%;HP System Info HSA Service; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\SysInfoCap.exe [2021-03-24 729608]
R2 HpTouchpointAnalyticsService;@oem51.inf,%hpanalyticscomp%;HP Analytics service; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointAnalyticsClientService.exe [2021-03-17 480280]
R2 NanoServiceMain;Panda Cloud Antivirus Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2020-12-01 98896]
R2 OneSyncSvc_67973;Hostitel synchronizace_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R2 PandaAgent;Panda Devices Agent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2019-02-19 84176]
R2 pselamsvc;Panda Elam Service Protection; C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe [2020-07-09 189288]
R2 PSUAService;Panda Product Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2020-12-02 59440]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2020-04-24 269840]
R2 RtkBtManServ;@oem15.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service; C:\WINDOWS\RtkBtManServ.exe [2019-11-30 738712]
R3 BluetoothUserService_67973;Služba pro podporu uživatelů Bluetooth_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 cbdhsvc_67973;Uživatelská služba schránky_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 PimIndexMaintenanceSvc_67973;Data kontaktů_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-10-29 213392]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-05-01 156104]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 AarSvc_67973;Agent Activation Runtime_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-12-07 55664]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 BcastDVRUserService_67973;Uživatelská služba pro GameDVR a vysílání her_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 CaptureService_67973;CaptureService_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 ConsentUxUserSvc_67973;ConsentUX_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-03-18 388888]
S3 CredentialEnrollmentManagerUserSvc_67973;CredentialEnrollmentManagerUserSvc_67973; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-03-18 388888]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 DeviceAssociationBrokerSvc_67973;DeviceAssociationBroker_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 DevicePickerUserSvc_67973;DevicePicker_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 DevicesFlowUserSvc_67973;Tok zařízení_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2021-04-20 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-10-29 213392]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\elevation_service.exe [2021-05-08 1498216]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-05-01 156104]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 MessagingService_67973;Služba zasílání zpráv_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.62\elevation_service.exe [2021-05-13 1567616]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 161472]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Panda VPN Service;Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [2017-11-20 320848]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-01-18 106496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 PrintWorkflowUserSvc_67973;PrintWorkflow_67973; C:\WINDOWS\system32\svchost.exe [2020-10-28 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2020-10-28 57360]
-----------------EOF-----------------
Re: Please check my log - slow laptop
Hi,
clean the laptop with AdwCleaner and post the log here.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Please check my log - slow laptop
Hi, here is the AdwCleaner log:
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-28.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-16-2021
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 1
# Awaiting reboot:1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Needs Reboot Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
*************************
AdwCleaner[S00].txt - [2895 octets] - [22/04/2021 16:32:37]
AdwCleaner[C00].txt - [3245 octets] - [22/04/2021 16:34:35]
AdwCleaner[S01].txt - [1598 octets] - [16/05/2021 10:19:49]
AdwCleaner[S02].txt - [1659 octets] - [16/05/2021 11:38:08]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
Re: Please check my log - slow laptop
Post both FRST logs.
Re: Please check my log - slow laptop
Here it is:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05-2021
Ran by jiriw (administrator) on LAPTOP-P4MHDA7I (HP HP Laptop 15-bw0xx) (16-05-2021 15:04:02)
Running from C:\Users\jiriw\Downloads
Loaded Profiles: jiriw
Platform: Windows 10 Home Version 2004 19041.985 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0342174.inf_amd64_8d1532c19168217b\B342118\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0342174.inf_amd64_8d1532c19168217b\B342118\atiesrxx.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\jiriw\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\SysInfoCap.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\jiriw\Downloads\adwcleaner_8.2.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Panda Security S.L. -> Panda Security S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [168456 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\jiriw\AppData\Local\Microsoft\Teams\Update.exe [2453728 2021-04-18] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Run: [f.lux] => C:\Users\jiriw\AppData\Local\FluxSoftware\Flux\flux.exe [1511824 2021-02-04] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-11] (Google LLC -> Google LLC)
GroupPolicyScripts: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {042649D1-5F82-41AA-8E11-FA69EEEE4B4A} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [8776024 2021-03-09] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
Task: {0FBA887F-EDAD-4BA9-992F-BBE736B4DCBA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {2189A8D4-CBD8-4518-87A4-F24B7DB69C1B} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [66952 2019-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3D065143-F2CD-4F2F-B517-283E9B6EBBA1} - no filepath
Task: {5100A477-348F-48CA-A0F9-BA0C7018AC24} - no filepath
Task: {718DF5A7-352B-4006-995A-8DD575483DAB} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {A3B4E16E-982E-45A4-AC5C-D200D202BF25} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-05-10] (Advanced Micro Devices, Inc.) [File not signed]
Task: {A7BC175F-E82C-48D9-80EA-AF284D95F186} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {BF13E033-27CA-4A81-B008-983D0DACEB68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-01] (Google LLC -> Google LLC)
Task: {D70F5B5C-923A-432B-AB5B-54EA143182A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-01] (Google LLC -> Google LLC)
Task: {E95E71A2-C2F9-4750-BB81-E6A3659A6C0C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F63870B6-57FA-43A1-91AD-1EDB612BD3F3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {FFF7F9BE-0CF6-4310-B5A5-578F60D4584B} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-05-10] (Advanced Micro Devices, Inc.) [File not signed]
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3ca99e4d-a49c-44cf-b72a-5903f8d042a7}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4bc9a890-9a67-4c78-a7b6-a4fdefa5438d}: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\jiriw\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-15]
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default [2021-05-16]
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://ow2.res.office365.com/assets/mail/pwa/v1/pngs/Outlook.48x48x32.png
CHR Extension: (Prezentace) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-15]
CHR Extension: (Dokumenty) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-15]
CHR Extension: (Disk Google) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-15]
CHR Extension: (Outlook) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\faolnafnngnfdaknnbpnkhgohbobgegn [2020-03-25]
CHR Extension: (Tabulky) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\AppHelperCap.exe [731152 2021-03-24] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\DiagsCap.exe [728608 2021-03-24] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\NetworkCap.exe [728608 2021-03-24] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\SysInfoCap.exe [729608 2021-03-24] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointAnalyticsClientService.exe [480280 2021-03-17] (HP Inc. -> HP Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [98896 2020-12-01] (Panda Security S.L. -> Panda Security, S.L.)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] (AnchorFree Inc -> )
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 pselamsvc; C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe [189288 2020-07-09] (Panda Security S.L. -> Panda Security S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [59440 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.5-0\NisSrv.exe [2599296 2021-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.5-0\MsMpEng.exe [128360 2021-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
S3 MpKsl4cc06120; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38D8FB3F-87FD-43E2-9331-3932A9C701A7}\MpKslDrv.sys [97528 2021-04-20] (Microsoft Windows -> Microsoft Corporation)
R1 NNSDNS; C:\WINDOWS\system32\DRIVERS\NNSDNS.sys [141088 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [212768 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [125728 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [132384 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [111296 2020-11-23] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [152864 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [102688 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135456 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [347424 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [353592 2020-12-10] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123168 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [327968 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [195872 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
S0 psinelam; C:\WINDOWS\System32\DRIVERS\psinelam.sys [21432 2020-07-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [171296 2020-12-27] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [216864 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [148768 2020-12-27] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [160544 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [130336 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72984 2019-02-20] (Panda Security S.L. -> Panda Security, S.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49544 2021-04-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421112 2021-04-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73952 2021-04-18] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-16 15:04 - 2021-05-16 15:05 - 000018920 _____ C:\Users\jiriw\Downloads\FRST.txt
2021-05-16 15:03 - 2021-05-16 15:04 - 000000000 ____D C:\FRST
2021-05-16 11:51 - 2021-05-16 11:51 - 002299392 _____ (Farbar) C:\Users\jiriw\Downloads\FRST64.exe
2021-05-16 11:51 - 2021-05-16 11:51 - 002012160 _____ (Farbar) C:\Users\jiriw\Downloads\FRST.exe
2021-05-16 11:42 - 2021-05-16 11:42 - 000003112 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-05-16 10:40 - 2021-05-16 10:40 - 000241999 _____ C:\Users\jiriw\Downloads\3BTZ0022-regulator_solaru.pdf
2021-05-16 10:17 - 2021-05-16 10:18 - 008534696 _____ (Malwarebytes) C:\Users\jiriw\Downloads\adwcleaner_8.2.exe
2021-05-15 19:31 - 2021-05-16 10:24 - 000000000 ____D C:\Program Files\trend micro
2021-05-15 19:31 - 2021-05-15 19:31 - 000000000 ____D C:\rsit
2021-05-15 19:30 - 2021-05-15 19:30 - 001222144 _____ C:\Users\jiriw\Downloads\RSITx64.exe
2021-05-15 11:59 - 2021-05-15 12:11 - 1868460774 _____ C:\Users\jiriw\Downloads\Harry Potter a Kámen mudrců.avi
2021-05-15 07:09 - 2021-05-15 07:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-15 07:09 - 2021-05-15 07:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-15 07:09 - 2021-05-15 07:09 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-15 07:09 - 2021-05-15 07:09 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-15 07:08 - 2021-05-15 07:08 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-15 07:08 - 2021-05-15 07:08 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-15 07:08 - 2021-05-15 07:08 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-15 07:08 - 2021-05-15 07:08 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-15 07:07 - 2021-05-15 07:07 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-15 07:07 - 2021-05-15 07:07 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-15 07:07 - 2021-05-15 07:07 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-15 07:07 - 2021-05-15 07:07 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-03 21:45 - 2021-05-03 21:45 - 000077824 ____N C:\WINDOWS\KMSEmulator.exe
2021-05-03 21:37 - 2021-05-03 21:42 - 654574990 _____ C:\Users\jiriw\Downloads\Microsoft-office-2010-CZ+aktivátor.rar
2021-05-01 11:31 - 2021-05-05 19:39 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\GHISLER
2021-05-01 11:31 - 2021-05-05 19:39 - 000000000 ____D C:\totalcmd
2021-05-01 11:31 - 2021-05-01 11:31 - 000000000 ____D C:\Users\jiriw\AppData\Local\GHISLER
2021-04-23 21:07 - 2021-04-23 21:10 - 000000000 ____D C:\Users\jiriw\AppData\Local\Adobe
2021-04-22 16:40 - 2021-04-22 16:41 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\Geek Uninstaller
2021-04-22 16:30 - 2021-04-22 16:34 - 000000000 ____D C:\AdwCleaner
2021-04-22 16:22 - 2021-05-16 11:45 - 000000000 ____D C:\Program Files\CCleaner
2021-04-22 16:22 - 2021-05-15 10:43 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-04-22 16:22 - 2021-04-22 16:22 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-04-22 16:22 - 2021-04-22 16:22 - 000000830 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-04-22 16:22 - 2021-04-22 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-04-22 16:07 - 2021-05-15 10:41 - 000542368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-20 17:03 - 2021-04-20 17:03 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-16 15:03 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-16 15:01 - 2020-09-28 17:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-16 11:46 - 2020-09-28 17:33 - 001851388 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-16 11:46 - 2019-12-07 16:41 - 000755602 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-16 11:46 - 2019-12-07 16:41 - 000164076 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-16 11:46 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-16 11:40 - 2020-09-28 17:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-16 11:40 - 2020-09-28 17:15 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-16 11:40 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-16 11:40 - 2019-10-31 08:12 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-05-15 11:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-15 11:33 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-15 10:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-15 10:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-15 10:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-15 10:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-15 10:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-15 10:37 - 2020-09-28 17:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-05-15 10:37 - 2020-09-28 17:24 - 000000000 ____D C:\WINDOWS\en-GB
2021-05-15 10:37 - 2019-12-07 16:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-15 07:45 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-15 07:41 - 2019-12-07 16:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-15 07:37 - 2021-01-19 21:09 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-15 07:30 - 2020-03-15 21:32 - 000000000 ____D C:\Users\jiriw\AppData\Local\D3DSCache
2021-05-14 23:13 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-14 22:52 - 2020-03-22 21:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-14 16:35 - 2020-10-29 00:54 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-14 16:31 - 2020-03-22 21:31 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-11 21:31 - 2020-05-01 16:48 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-07 02:56 - 2020-03-17 17:42 - 000000000 ____D C:\KMPlayer
2021-05-03 21:45 - 2020-03-15 23:18 - 000000161 _____ C:\WINDOWS\AutoKMS.ini
2021-05-01 09:49 - 2020-09-15 19:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-26 09:27 - 2020-10-29 00:54 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-26 09:27 - 2020-10-29 00:54 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-23 21:21 - 2020-09-28 17:43 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-04-22 16:54 - 2020-03-25 11:14 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\Wise Disk Cleaner
2021-04-22 16:50 - 2020-12-06 20:29 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-04-22 16:35 - 2019-05-28 03:06 - 000000000 ____D C:\ProgramData\HP
2021-04-22 16:34 - 2021-02-12 16:50 - 000000000 ____D C:\WINDOWS\system32\HP
2021-04-22 16:34 - 2020-03-15 22:21 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\Hewlett-Packard
2021-04-22 16:34 - 2019-10-31 07:02 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-04-22 16:34 - 2019-05-28 03:06 - 000000000 ____D C:\Program Files (x86)\HP
2021-04-22 16:34 - 2019-05-13 22:03 - 000000000 ___HD C:\hp
2021-04-22 16:11 - 2020-03-15 21:32 - 000000000 ____D C:\Users\jiriw\AppData\Local\AMD
2021-04-22 16:00 - 2020-09-28 17:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\WiseCleaner
2021-04-22 16:00 - 2020-03-25 11:13 - 000000000 ____D C:\Program Files (x86)\Wise
2021-04-21 16:58 - 2021-04-09 10:49 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome.lnk
2021-04-21 16:58 - 2021-04-09 10:49 - 000002288 _____ C:\Users\Public\Desktop\Panda Dome.lnk
2021-04-21 16:58 - 2021-04-09 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome
2021-04-21 16:58 - 2020-09-28 17:43 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-21 16:58 - 2020-09-28 17:43 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-21 16:50 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-21 16:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-21 16:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-21 16:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-20 17:03 - 2020-09-28 17:20 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-18 18:25 - 2020-03-25 18:27 - 000002375 _____ C:\Users\jiriw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-04-18 18:25 - 2020-03-25 18:27 - 000002367 _____ C:\Users\jiriw\Desktop\Microsoft Teams.lnk
2021-04-18 15:54 - 2019-04-15 17:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Files in the root of some directories ========
2020-05-16 19:43 - 2020-05-16 19:43 - 000000080 _____ () C:\Users\jiriw\AppData\Roaming\debug.log
2020-12-09 21:42 - 2020-12-09 21:42 - 000002809 _____ () C:\Users\jiriw\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
Ran by jiriw (16-05-2021 15:08:40)
Running from C:\Users\jiriw\Downloads
Windows 10 Home Version 2004 19041.985 (X64) (2020-09-28 15:44:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3874525921-3796214153-4028669373-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3874525921-3796214153-4028669373-503 - Limited - Disabled)
Guest (S-1-5-21-3874525921-3796214153-4028669373-501 - Limited - Disabled)
jiriw (S-1-5-21-3874525921-3796214153-4028669373-1001 - Administrator - Enabled) => C:\Users\jiriw
WDAGUtilityAccount (S-1-5-21-3874525921-3796214153-4028669373-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Panda Dome (Enabled - Up to date) {8EE5B6CC-D555-4755-164C-336E561DE601}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.01 alpha (x64) (HKLM\...\7-Zip) (Version: 19.01 alpha - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2019.0504.1012.18360 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.08.01 - Advanced Micro Devices, Inc.)
Branding64 (HKLM\...\{7659552A-136F-4615-A9FA-3E3EF2CCA77C}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
f.lux (HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Flux) (Version: - f.lux Software LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HP Audio Switch (HKLM-x32\...\{20A40E7C-E470-4E9F-9B5C-DDB2C205E856}) (Version: 1.0.154.0 - HP Inc.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.47 - PandoraTV)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Teams) (Version: 1.4.00.8872 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Panda Devices Agent (HKLM-x32\...\{DB0164A2-ADE9-4FEE-B080-D506BDD6427F}) (Version: 1.08.09 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.09 - Panda Security) Hidden
Panda Dome (HKLM\...\{EF4168C0-095F-4CFC-8CB3-139A11AC89BE}) (Version: 11.53.00 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 20.2.1 - Panda Security)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17763.31246 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-19] (Microsoft Corporation)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2019-10-31] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-03-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-03-22] (Microsoft Corporation) [MS Ad]
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-15] (Synaptics Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\jiriw\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> no filepath
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-01-08 13:03 - 2019-01-08 13:03 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2019-01-08 13:03 - 2019-01-08 13:03 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-03-15 21:59 - 2019-09-05 07:00 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-05-04 10:10 - 2019-05-04 10:10 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {A37A48EA-44AA-446D-9E29-A588D41F49B6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {A37A48EA-44AA-446D-9E29-A588D41F49B6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001 -> {A37A48EA-44AA-446D-9E29-A588D41F49B6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jiriw\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Automount"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{5E528C6E-B980-44F7-B287-E8BB628560CE}C:\users\jiriw\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jiriw\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B537D029-8A4E-47C1-A09C-AF27A00342BF}C:\users\jiriw\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jiriw\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{40FF78BF-D6AA-4A2D-846C-E8B0304D7578}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{85A6C60E-1C61-4500-9FE9-365DCDB619C4}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CCE9A6A9-8CD5-4CBB-B857-DACC2DDDC59B}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [UDP Query User{78BBE196-04D4-4B8C-86AB-0505D67FEEDC}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [{46454C92-16B2-4143-BFFF-AB11A86199A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
03-05-2021 20:36:34 Naplánovaný kontrolní bod
14-05-2021 22:52:58 Instalační služba modulů systému Windows
15-05-2021 06:39:47 Instalační služba modulů systému Windows
16-05-2021 11:38:25 AdwCleaner_BeforeCleaning_16/05/2021_11:38:23
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/16/2021 11:39:50 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (05/16/2021 11:39:49 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (05/15/2021 07:19:48 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-3874525921-3796214153-4028669373-1001}/>.
Error: (05/15/2021 08:36:22 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Windows (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (05/15/2021 07:26:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.19041.610 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2670
Čas spuštění: 01d749440b2e54c5
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
ID hlášení: 588036fc-3fe5-4ab6-b9fe-c88709f52553
Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (05/14/2021 11:12:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program YourPhone.exe verze 1.21022.215.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1cc8
Čas spuštění: 01d748cdbcbde3ac
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21022.215.0_x64__8wekyb3d8bbwe\YourPhone.exe
ID hlášení: fff010b8-984b-4f01-9611-195f6ad8bf76
Úplný název balíčku s chybou: Microsoft.YourPhone_1.21022.215.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (05/09/2021 06:25:36 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-3874525921-3796214153-4028669373-1001}/>.
Error: (05/09/2021 05:14:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSANHost.exe, verze: 20.2.0.0, časové razítko: 0x5fc6ba38
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.928, časové razítko: 0xa0caab76
Kód výjimky: 0xc0000374
Posun chyby: 0x000e6a73
ID chybujícího procesu: 0x1060
Čas spuštění chybující aplikace: 0x01d740556175f6a4
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: e570825f-ca22-4883-85fd-e2c59af172a3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (05/16/2021 11:39:57 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba HP Analytics service závisí na službě Služba WMI, která neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.
Error: (05/16/2021 11:39:57 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba Winmgmt se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (05/16/2021 11:39:52 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll
Error: (05/16/2021 11:39:52 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll
Error: (05/16/2021 11:39:45 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll
Error: (05/16/2021 11:39:40 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-P4MHDA7I)
Description: Server Microsoft.AAD.BrokerPlugin_1000.19041.964.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/16/2021 11:39:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Analytics service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (05/16/2021 11:39:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Panda Devices Agent byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.
Windows Defender:
================
Date: 2021-04-20 16:26:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AE405F23-AF46-4D17-943B-130B67A63E47}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-16 15:04:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {685A106D-C699-4EC6-B516-BE494D7EF5E5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-13 18:57:46
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DE1EF93C-B0A0-4BC5-8176-4AF3DC1F37DD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-18 16:01:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.958.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2021-04-09 10:49:14
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0
CodeIntegrity:
===============
Date: 2021-04-09 16:09:27
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-11-30 18:25:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.51 05/31/2019
Motherboard: HP 8330
Processor: AMD A4-9120 RADEON R3, 4 COMPUTE CORES 2C+2G
Percentage of memory in use: 70%
Total physical RAM: 3981.68 MB
Available physical RAM: 1182.37 MB
Total Virtual: 7053.68 MB
Available Virtual: 2980.21 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:464.95 GB) (Free:406.13 GB) NTFS
\\?\Volume{56d3a4a0-ec1e-4adf-86f5-3a5e91a9a165}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\\?\Volume{fa4718fc-9e9e-4baf-b212-d72bebd5d17b}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 496556BD)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05-2021
Ran by jiriw (administrator) on LAPTOP-P4MHDA7I (HP HP Laptop 15-bw0xx) (16-05-2021 15:04:02)
Running from C:\Users\jiriw\Downloads
Loaded Profiles: jiriw
Platform: Windows 10 Home Version 2004 19041.985 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0342174.inf_amd64_8d1532c19168217b\B342118\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0342174.inf_amd64_8d1532c19168217b\B342118\atiesrxx.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\jiriw\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\SysInfoCap.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\jiriw\Downloads\adwcleaner_8.2.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Panda Security S.L. -> Panda Security S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [168456 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\jiriw\AppData\Local\Microsoft\Teams\Update.exe [2453728 2021-04-18] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Run: [f.lux] => C:\Users\jiriw\AppData\Local\FluxSoftware\Flux\flux.exe [1511824 2021-02-04] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-11] (Google LLC -> Google LLC)
GroupPolicyScripts: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {042649D1-5F82-41AA-8E11-FA69EEEE4B4A} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [8776024 2021-03-09] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
Task: {0FBA887F-EDAD-4BA9-992F-BBE736B4DCBA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {2189A8D4-CBD8-4518-87A4-F24B7DB69C1B} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [66952 2019-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3D065143-F2CD-4F2F-B517-283E9B6EBBA1} - no filepath
Task: {5100A477-348F-48CA-A0F9-BA0C7018AC24} - no filepath
Task: {718DF5A7-352B-4006-995A-8DD575483DAB} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {A3B4E16E-982E-45A4-AC5C-D200D202BF25} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-05-10] (Advanced Micro Devices, Inc.) [File not signed]
Task: {A7BC175F-E82C-48D9-80EA-AF284D95F186} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {BF13E033-27CA-4A81-B008-983D0DACEB68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-01] (Google LLC -> Google LLC)
Task: {D70F5B5C-923A-432B-AB5B-54EA143182A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-01] (Google LLC -> Google LLC)
Task: {E95E71A2-C2F9-4750-BB81-E6A3659A6C0C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F63870B6-57FA-43A1-91AD-1EDB612BD3F3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {FFF7F9BE-0CF6-4310-B5A5-578F60D4584B} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-05-10] (Advanced Micro Devices, Inc.) [File not signed]
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3ca99e4d-a49c-44cf-b72a-5903f8d042a7}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4bc9a890-9a67-4c78-a7b6-a4fdefa5438d}: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\jiriw\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-15]
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default [2021-05-16]
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://ow2.res.office365.com/assets/mail/pwa/v1/pngs/Outlook.48x48x32.png
CHR Extension: (Prezentace) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-15]
CHR Extension: (Dokumenty) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-15]
CHR Extension: (Disk Google) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-15]
CHR Extension: (Outlook) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\faolnafnngnfdaknnbpnkhgohbobgegn [2020-03-25]
CHR Extension: (Tabulky) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\jiriw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\AppHelperCap.exe [731152 2021-03-24] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\DiagsCap.exe [728608 2021-03-24] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\NetworkCap.exe [728608 2021-03-24] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\SysInfoCap.exe [729608 2021-03-24] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointAnalyticsClientService.exe [480280 2021-03-17] (HP Inc. -> HP Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [98896 2020-12-01] (Panda Security S.L. -> Panda Security, S.L.)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] (AnchorFree Inc -> )
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 pselamsvc; C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe [189288 2020-07-09] (Panda Security S.L. -> Panda Security S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [59440 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.5-0\NisSrv.exe [2599296 2021-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.5-0\MsMpEng.exe [128360 2021-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
S3 MpKsl4cc06120; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38D8FB3F-87FD-43E2-9331-3932A9C701A7}\MpKslDrv.sys [97528 2021-04-20] (Microsoft Windows -> Microsoft Corporation)
R1 NNSDNS; C:\WINDOWS\system32\DRIVERS\NNSDNS.sys [141088 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [212768 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [125728 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [132384 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [111296 2020-11-23] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [152864 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [102688 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135456 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [347424 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [353592 2020-12-10] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123168 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [327968 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [195872 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
S0 psinelam; C:\WINDOWS\System32\DRIVERS\psinelam.sys [21432 2020-07-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [171296 2020-12-27] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [216864 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [148768 2020-12-27] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [160544 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [130336 2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72984 2019-02-20] (Panda Security S.L. -> Panda Security, S.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49544 2021-04-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421112 2021-04-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73952 2021-04-18] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-16 15:04 - 2021-05-16 15:05 - 000018920 _____ C:\Users\jiriw\Downloads\FRST.txt
2021-05-16 15:03 - 2021-05-16 15:04 - 000000000 ____D C:\FRST
2021-05-16 11:51 - 2021-05-16 11:51 - 002299392 _____ (Farbar) C:\Users\jiriw\Downloads\FRST64.exe
2021-05-16 11:51 - 2021-05-16 11:51 - 002012160 _____ (Farbar) C:\Users\jiriw\Downloads\FRST.exe
2021-05-16 11:42 - 2021-05-16 11:42 - 000003112 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-05-16 10:40 - 2021-05-16 10:40 - 000241999 _____ C:\Users\jiriw\Downloads\3BTZ0022-regulator_solaru.pdf
2021-05-16 10:17 - 2021-05-16 10:18 - 008534696 _____ (Malwarebytes) C:\Users\jiriw\Downloads\adwcleaner_8.2.exe
2021-05-15 19:31 - 2021-05-16 10:24 - 000000000 ____D C:\Program Files\trend micro
2021-05-15 19:31 - 2021-05-15 19:31 - 000000000 ____D C:\rsit
2021-05-15 19:30 - 2021-05-15 19:30 - 001222144 _____ C:\Users\jiriw\Downloads\RSITx64.exe
2021-05-15 11:59 - 2021-05-15 12:11 - 1868460774 _____ C:\Users\jiriw\Downloads\Harry Potter a Kámen mudrců.avi
2021-05-15 07:09 - 2021-05-15 07:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-15 07:09 - 2021-05-15 07:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-15 07:09 - 2021-05-15 07:09 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-15 07:09 - 2021-05-15 07:09 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-15 07:08 - 2021-05-15 07:08 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-15 07:08 - 2021-05-15 07:08 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-15 07:08 - 2021-05-15 07:08 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-15 07:08 - 2021-05-15 07:08 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-15 07:07 - 2021-05-15 07:07 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-15 07:07 - 2021-05-15 07:07 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-15 07:07 - 2021-05-15 07:07 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-15 07:07 - 2021-05-15 07:07 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-03 21:45 - 2021-05-03 21:45 - 000077824 ____N C:\WINDOWS\KMSEmulator.exe
2021-05-03 21:37 - 2021-05-03 21:42 - 654574990 _____ C:\Users\jiriw\Downloads\Microsoft-office-2010-CZ+aktivátor.rar
2021-05-01 11:31 - 2021-05-05 19:39 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\GHISLER
2021-05-01 11:31 - 2021-05-05 19:39 - 000000000 ____D C:\totalcmd
2021-05-01 11:31 - 2021-05-01 11:31 - 000000000 ____D C:\Users\jiriw\AppData\Local\GHISLER
2021-04-23 21:07 - 2021-04-23 21:10 - 000000000 ____D C:\Users\jiriw\AppData\Local\Adobe
2021-04-22 16:40 - 2021-04-22 16:41 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\Geek Uninstaller
2021-04-22 16:30 - 2021-04-22 16:34 - 000000000 ____D C:\AdwCleaner
2021-04-22 16:22 - 2021-05-16 11:45 - 000000000 ____D C:\Program Files\CCleaner
2021-04-22 16:22 - 2021-05-15 10:43 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-04-22 16:22 - 2021-04-22 16:22 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-04-22 16:22 - 2021-04-22 16:22 - 000000830 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-04-22 16:22 - 2021-04-22 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-04-22 16:07 - 2021-05-15 10:41 - 000542368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-20 17:03 - 2021-04-20 17:03 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-16 15:03 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-16 15:01 - 2020-09-28 17:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-16 11:46 - 2020-09-28 17:33 - 001851388 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-16 11:46 - 2019-12-07 16:41 - 000755602 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-16 11:46 - 2019-12-07 16:41 - 000164076 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-16 11:46 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-16 11:40 - 2020-09-28 17:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-16 11:40 - 2020-09-28 17:15 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-16 11:40 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-16 11:40 - 2019-10-31 08:12 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-05-15 11:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-15 11:33 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-15 10:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-15 10:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-15 10:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-15 10:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-15 10:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-15 10:37 - 2020-09-28 17:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-05-15 10:37 - 2020-09-28 17:24 - 000000000 ____D C:\WINDOWS\en-GB
2021-05-15 10:37 - 2019-12-07 16:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-15 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-15 07:45 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-15 07:41 - 2019-12-07 16:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-15 07:37 - 2021-01-19 21:09 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-15 07:30 - 2020-03-15 21:32 - 000000000 ____D C:\Users\jiriw\AppData\Local\D3DSCache
2021-05-14 23:13 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-14 22:52 - 2020-03-22 21:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-14 16:35 - 2020-10-29 00:54 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-14 16:31 - 2020-03-22 21:31 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-11 21:31 - 2020-05-01 16:48 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-07 02:56 - 2020-03-17 17:42 - 000000000 ____D C:\KMPlayer
2021-05-03 21:45 - 2020-03-15 23:18 - 000000161 _____ C:\WINDOWS\AutoKMS.ini
2021-05-01 09:49 - 2020-09-15 19:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-26 09:27 - 2020-10-29 00:54 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-26 09:27 - 2020-10-29 00:54 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-23 21:21 - 2020-09-28 17:43 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-04-22 16:54 - 2020-03-25 11:14 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\Wise Disk Cleaner
2021-04-22 16:50 - 2020-12-06 20:29 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-04-22 16:35 - 2019-05-28 03:06 - 000000000 ____D C:\ProgramData\HP
2021-04-22 16:34 - 2021-02-12 16:50 - 000000000 ____D C:\WINDOWS\system32\HP
2021-04-22 16:34 - 2020-03-15 22:21 - 000000000 ____D C:\Users\jiriw\AppData\Roaming\Hewlett-Packard
2021-04-22 16:34 - 2019-10-31 07:02 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-04-22 16:34 - 2019-05-28 03:06 - 000000000 ____D C:\Program Files (x86)\HP
2021-04-22 16:34 - 2019-05-13 22:03 - 000000000 ___HD C:\hp
2021-04-22 16:11 - 2020-03-15 21:32 - 000000000 ____D C:\Users\jiriw\AppData\Local\AMD
2021-04-22 16:00 - 2020-09-28 17:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\WiseCleaner
2021-04-22 16:00 - 2020-03-25 11:13 - 000000000 ____D C:\Program Files (x86)\Wise
2021-04-21 16:58 - 2021-04-09 10:49 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome.lnk
2021-04-21 16:58 - 2021-04-09 10:49 - 000002288 _____ C:\Users\Public\Desktop\Panda Dome.lnk
2021-04-21 16:58 - 2021-04-09 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome
2021-04-21 16:58 - 2020-09-28 17:43 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-21 16:58 - 2020-09-28 17:43 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-21 16:50 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-21 16:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-21 16:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-21 16:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-20 17:03 - 2020-09-28 17:20 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-18 18:25 - 2020-03-25 18:27 - 000002375 _____ C:\Users\jiriw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-04-18 18:25 - 2020-03-25 18:27 - 000002367 _____ C:\Users\jiriw\Desktop\Microsoft Teams.lnk
2021-04-18 15:54 - 2019-04-15 17:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Files in the root of some directories ========
2020-05-16 19:43 - 2020-05-16 19:43 - 000000080 _____ () C:\Users\jiriw\AppData\Roaming\debug.log
2020-12-09 21:42 - 2020-12-09 21:42 - 000002809 _____ () C:\Users\jiriw\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
Ran by jiriw (16-05-2021 15:08:40)
Running from C:\Users\jiriw\Downloads
Windows 10 Home Version 2004 19041.985 (X64) (2020-09-28 15:44:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3874525921-3796214153-4028669373-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3874525921-3796214153-4028669373-503 - Limited - Disabled)
Guest (S-1-5-21-3874525921-3796214153-4028669373-501 - Limited - Disabled)
jiriw (S-1-5-21-3874525921-3796214153-4028669373-1001 - Administrator - Enabled) => C:\Users\jiriw
WDAGUtilityAccount (S-1-5-21-3874525921-3796214153-4028669373-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Panda Dome (Enabled - Up to date) {8EE5B6CC-D555-4755-164C-336E561DE601}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.01 alpha (x64) (HKLM\...\7-Zip) (Version: 19.01 alpha - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2019.0504.1012.18360 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.08.01 - Advanced Micro Devices, Inc.)
Branding64 (HKLM\...\{7659552A-136F-4615-A9FA-3E3EF2CCA77C}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
f.lux (HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Flux) (Version: - f.lux Software LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HP Audio Switch (HKLM-x32\...\{20A40E7C-E470-4E9F-9B5C-DDB2C205E856}) (Version: 1.0.154.0 - HP Inc.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.47 - PandoraTV)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\Teams) (Version: 1.4.00.8872 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Panda Devices Agent (HKLM-x32\...\{DB0164A2-ADE9-4FEE-B080-D506BDD6427F}) (Version: 1.08.09 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.09 - Panda Security) Hidden
Panda Dome (HKLM\...\{EF4168C0-095F-4CFC-8CB3-139A11AC89BE}) (Version: 11.53.00 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 20.2.1 - Panda Security)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17763.31246 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-19] (Microsoft Corporation)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2019-10-31] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-03-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-03-22] (Microsoft Corporation) [MS Ad]
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-15] (Synaptics Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\jiriw\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> no filepath
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2020-12-02] (Panda Security S.L. -> Panda Security, S.L.)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-01-08 13:03 - 2019-01-08 13:03 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2019-01-08 13:03 - 2019-01-08 13:03 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-03-15 21:59 - 2019-09-05 07:00 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-05-04 10:10 - 2019-05-04 10:10 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {A37A48EA-44AA-446D-9E29-A588D41F49B6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {A37A48EA-44AA-446D-9E29-A588D41F49B6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3874525921-3796214153-4028669373-1001 -> {A37A48EA-44AA-446D-9E29-A588D41F49B6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jiriw\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3874525921-3796214153-4028669373-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Automount"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{5E528C6E-B980-44F7-B287-E8BB628560CE}C:\users\jiriw\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jiriw\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B537D029-8A4E-47C1-A09C-AF27A00342BF}C:\users\jiriw\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jiriw\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{40FF78BF-D6AA-4A2D-846C-E8B0304D7578}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{85A6C60E-1C61-4500-9FE9-365DCDB619C4}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CCE9A6A9-8CD5-4CBB-B857-DACC2DDDC59B}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [UDP Query User{78BBE196-04D4-4B8C-86AB-0505D67FEEDC}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [{46454C92-16B2-4143-BFFF-AB11A86199A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
03-05-2021 20:36:34 Naplánovaný kontrolní bod
14-05-2021 22:52:58 Instalační služba modulů systému Windows
15-05-2021 06:39:47 Instalační služba modulů systému Windows
16-05-2021 11:38:25 AdwCleaner_BeforeCleaning_16/05/2021_11:38:23
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/16/2021 11:39:50 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (05/16/2021 11:39:49 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (05/15/2021 07:19:48 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-3874525921-3796214153-4028669373-1001}/>.
Error: (05/15/2021 08:36:22 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Windows (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (05/15/2021 07:26:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.19041.610 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2670
Čas spuštění: 01d749440b2e54c5
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
ID hlášení: 588036fc-3fe5-4ab6-b9fe-c88709f52553
Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (05/14/2021 11:12:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program YourPhone.exe verze 1.21022.215.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1cc8
Čas spuštění: 01d748cdbcbde3ac
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21022.215.0_x64__8wekyb3d8bbwe\YourPhone.exe
ID hlášení: fff010b8-984b-4f01-9611-195f6ad8bf76
Úplný název balíčku s chybou: Microsoft.YourPhone_1.21022.215.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (05/09/2021 06:25:36 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-3874525921-3796214153-4028669373-1001}/>.
Error: (05/09/2021 05:14:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSANHost.exe, verze: 20.2.0.0, časové razítko: 0x5fc6ba38
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.928, časové razítko: 0xa0caab76
Kód výjimky: 0xc0000374
Posun chyby: 0x000e6a73
ID chybujícího procesu: 0x1060
Čas spuštění chybující aplikace: 0x01d740556175f6a4
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: e570825f-ca22-4883-85fd-e2c59af172a3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (05/16/2021 11:39:57 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba HP Analytics service závisí na službě Služba WMI, která neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.
Error: (05/16/2021 11:39:57 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba Winmgmt se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (05/16/2021 11:39:52 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll
Error: (05/16/2021 11:39:52 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll
Error: (05/16/2021 11:39:45 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll
Error: (05/16/2021 11:39:40 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-P4MHDA7I)
Description: Server Microsoft.AAD.BrokerPlugin_1000.19041.964.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/16/2021 11:39:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Analytics service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (05/16/2021 11:39:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Panda Devices Agent byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.
Windows Defender:
================
Date: 2021-04-20 16:26:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AE405F23-AF46-4D17-943B-130B67A63E47}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-16 15:04:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {685A106D-C699-4EC6-B516-BE494D7EF5E5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-13 18:57:46
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DE1EF93C-B0A0-4BC5-8176-4AF3DC1F37DD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-18 16:01:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.958.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2021-04-09 10:49:14
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0
CodeIntegrity:
===============
Date: 2021-04-09 16:09:27
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-11-30 18:25:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.51 05/31/2019
Motherboard: HP 8330
Processor: AMD A4-9120 RADEON R3, 4 COMPUTE CORES 2C+2G
Percentage of memory in use: 70%
Total physical RAM: 3981.68 MB
Available physical RAM: 1182.37 MB
Total Virtual: 7053.68 MB
Available Virtual: 2980.21 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:464.95 GB) (Free:406.13 GB) NTFS
\\?\Volume{56d3a4a0-ec1e-4adf-86f5-3a5e91a9a165}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\\?\Volume{fa4718fc-9e9e-4baf-b212-d72bebd5d17b}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 496556BD)
Partition: GPT.
==================== End of Addition.txt =======================
Re: Please check my log - slow notebook
Hi,
- there are some leftovers of Avast in there, remove them
- run sfc/scannow from the command line
I don't see any AV problems there
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Please check my log - slow notebook
sfc/scannow has been run. If I understand correctly, the notebook is OK, i.e. there are no software causes of its "slowness", and it is more likely a hardware problem?
Re: Please check my log - slow notebook
You can also clean the notebook with CCleaner, including the registry
+
run taskmgr and check whether the CPU/RAM are under extreme load?
Re: Please check my log - slow notebook
The CCleaner cleanup is done. As for Task Manager, the CPU values while I am writing this reply fluctuate between 89 - 100%, RAM is about 62%, and the only thing running in the background is the Panda antivirus... Something tells me that CPU usage should not be this high when the machine is practically idle...?
Re: Please check my log - slow notebook
Yes, the problem will be somewhere there
Look and write down the 3 processes that load the CPU the most
Re: Please check my log - slow notebook
I am attaching a photo of what uses the CPU the most:
Re: Please check my log - slow notebook
This picture will not help us at all; it should be from a time when the CPU is over 90%
When you click on CPU there, the list is sorted by load
High CPU load is often caused by background updates, or AV scans, etc.
But you have to deal with it at the moment when the state is bad
Re: Please check my log - slow notebook
I am glad there is no malware behind it; I will try to keep an eye on those processes. Thank you very much for checking the log and for the advice that followed.
Re: Please check my log - slow notebook
You're welcome