PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Possible problem, please check

aldik
Visitor
Posts: 81
Registered: 24 Oct 2007 19:49

#1 Post by aldik »

My mom complained that a message popped up on her laptop saying she has a virus, so I'm having it checked here as a precaution. I also had the computer checked with a full Avast scan and it found nothing. Before that I removed a suspicious extension from Chrome; I have no idea what it was supposed to do (https://goo.gl/E8z993, the link goes to the Chrome Web Store). It crashed the whole browser once and then wouldn't let me open the Extensions management page; it kept closing it.
And lately the disk is quite often at 100% load.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Alice Řepková at 2018-06-12 10:27:54
Microsoft Windows 10 Home
System drive C: has 300 GB (66%) free of 454 GB
Total RAM: 8106 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:28:01, on 12.06.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Alice Řepková\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE
C:\Users\Alice Řepková\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\FileCoAuth.exe
C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe
C:\Program Files\trend micro\Alice Řepková.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo15.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Alice Řepková\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [PhotoMasterImportAgent] "C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe" importagent
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CCSDK - Lenovo - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GDCAgent - Lenovo - C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem5.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @oem6.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: ShareItSvc - SHAREit Technologies Co.Ltd - C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: OpenSSH Authentication Agent (ssh-agent) - Unknown owner - C:\WINDOWS\System32\OpenSSH\ssh-agent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11341 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-7fd0ab21-c3ae-4196-9ded-e47f00867cfc -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5f4ee5c0-59af-48d7-bb30-4dc82e657d3a -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-0281c616-5f4d-4bc7-a07f-051bdcf69409 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-89ad2afc-09d3-409e-aeae-0752859b23a5 -LifetimeId:e0473bec-2239-49b0-883e-f180ca4d67f4 -DeviceGroupId:WudfDefaultDevicePool
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
dashost.exe {88db5fd6-ff85-4a8e-a1f7acabb0f75e60}
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Elantech\ETDService.exe"
C:\WINDOWS\SysWOW64\SAsrv.exe
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc

C:\WINDOWS\system32\ibtsiva
C:\WINDOWS\system32\CxAudMsg64.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k netsvcs -p
"C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
"C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
"c:\program files\avast software\avast\avastsvc.exe"
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s XblAuthManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s fhsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
C:\WINDOWS\system32\svchost.exe -k SDRSVC
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-70447e1b-75a7-425b-9ad3-17a8c627710f -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5ba0d876-f4da-474d-8e6f-48182b98812a -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5f565d5c-0e09-45c6-a28f-43935c476f71 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-64a8281d-02d8-422b-b232-f016f35f6a9d -LifetimeId:71b352df-a7b1-47e8-b2be-f98c2330fb3e -DeviceGroupId:
"C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s seclogon
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s QWAVE
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s DoSvc
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

winlogon.exe
"fontdrvhost.exe"
"dwm.exe"
atieclxx
"C:\Program Files\Elantech\ETDCtrl.exe"
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
igfxEM.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
igfxHK.exe
igfxTray.exe
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\RTFTrack.exe"
AvastUI.exe /nogui
"C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe"
"C:\Users\Alice Řepková\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE"
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
taskhostw.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\WLANExt.exe 2253700714144
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Users\Alice Řepková\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\FileCoAuth.exe" -Embedding
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
"C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe"
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX6an27ssxm1kq22j0wm54a996rsgjh8an.mca
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser
"C:\WINDOWS\System32\Taskmgr.exe" /3
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
-name 8795276b-8c87-469e-b639-f7fa8b5ca800 -runas -pluginName DolbyAudioPlugin -pluginVersion 1.2.232.27
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe" -name c01f8308-4d54-4f5b-b95b-efd82723e06d -runas SYSTEM -pluginName LenovoAuthenticationPlugin -pluginVersion 1.2.88.0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Alice Řepková\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Alice Řepková\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Alice Řepková\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=67.0.3396.79 --initial-client-data=0x1dc,0x1e0,0x1e4,0x1d8,0x1e8,0x7ff99b183228,0x7ff99b183238,0x7ff99b183248
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=12756 --on-initialized-event-handle=712 --parent-handle=716 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1644,1533793875291223060,16883987112461392792,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=FAEA2DDDFDEB3A4AA93CFEC9BAA9E76C --mojo-platform-channel-handle=1688 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,1533793875291223060,16883987112461392792,131072 --service-pipe-token=E94A2EE464522A4401100A555C06A3DC --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=E94A2EE464522A4401100A555C06A3DC --renderer-client-id=3 --mojo-platform-channel-handle=3260 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,1533793875291223060,16883987112461392792,131072 --service-pipe-token=3EEBB08F6DA01F62B1589C4A135D3E58 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3EEBB08F6DA01F62B1589C4A135D3E58 --renderer-client-id=4 --mojo-platform-channel-handle=4696 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,1533793875291223060,16883987112461392792,131072 --service-pipe-token=63A22AE1228DCD943B0EDDBF8FA6F8F5 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=63A22AE1228DCD943B0EDDBF8FA6F8F5 --renderer-client-id=5 --mojo-platform-channel-handle=3692 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,1533793875291223060,16883987112461392792,131072 --service-pipe-token=C5DEBB254A89802C2FCED6FA2621EDC0 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=C5DEBB254A89802C2FCED6FA2621EDC0 --renderer-client-id=18 --mojo-platform-channel-handle=5696 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,1533793875291223060,16883987112461392792,131072 --service-pipe-token=BDFE29332D8459BAD9CCB9BAC58287E2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=BDFE29332D8459BAD9CCB9BAC58287E2 --renderer-client-id=24 --mojo-platform-channel-handle=6392 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,1533793875291223060,16883987112461392792,131072 --service-pipe-token=F438E9B028A2EA4E12C83563D3324890 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=F438E9B028A2EA4E12C83563D3324890 --renderer-client-id=25 --mojo-platform-channel-handle=2652 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,1533793875291223060,16883987112461392792,131072 --service-pipe-token=D724125BF936CB1B4651A3977F984DDC --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=D724125BF936CB1B4651A3977F984DDC --renderer-client-id=26 --mojo-platform-channel-handle=6908 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe328_ Global\UsGthrCtrlFltPipeMssGthrPipe328 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 724 728 736 8192 732
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,1533793875291223060,16883987112461392792,131072 --service-pipe-token=84A1EBC077F03084916F3386A85F9A3B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=84A1EBC077F03084916F3386A85F9A3B --renderer-client-id=32 --mojo-platform-channel-handle=8972 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,1533793875291223060,16883987112461392792,131072 --service-pipe-token=8F691EB7D7AFA2634DA9E971EC16A563 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8F691EB7D7AFA2634DA9E971EC16A563 --renderer-client-id=35 --mojo-platform-channel-handle=7108 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x5b0
"C:\Users\Alice Řepková\Downloads\RSITx64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-06-01 207024]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-20 919768]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2015-06-01 5052120]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-07-25 36352]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2016-09-21 3814624]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-05-09 242392]
"LenovoUtility"=C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [2017-07-27 911272]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-06-28 6613896]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Alice Řepková\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-04-26 1624224]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-08-26 8912088]
"PhotoMasterImportAgent"=C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [2016-09-22 675608]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [2017-01-09 680520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-06-12 10:27:54 ----D---- C:\rsit
2018-06-12 10:27:54 ----D---- C:\Program Files\trend micro
2018-05-28 16:30:10 ----SHD---- C:\Config.Msi
2018-05-28 16:17:26 ----D---- C:\Program Files\Microsoft Office 15
2018-05-19 16:43:23 ----HD---- C:\OneDriveTemp
2018-05-19 16:10:42 ----D---- C:\Program Files (x86)\Cobian Backup 11
2018-05-18 16:08:47 ----A---- C:\WINDOWS\system32\aswBoot.exe
2018-05-18 16:05:23 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft
2018-05-17 18:00:51 ----D---- C:\ProgramData\Microsoft OneDrive
2018-05-17 06:14:23 ----D---- C:\Program Files\Dolby Digital Plus
2018-05-17 06:01:49 ----SHD---- C:\ProgramData\Templates
2018-05-17 06:01:49 ----SHD---- C:\ProgramData\Start Menu
2018-05-17 06:01:49 ----SHD---- C:\ProgramData\Documents
2018-05-17 06:01:49 ----SHD---- C:\ProgramData\Desktop
2018-05-17 06:01:49 ----SHD---- C:\ProgramData\Application Data
2018-05-17 06:01:22 ----D---- C:\WINDOWS\system32\drivers\wd
2018-05-17 05:40:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-17 05:34:38 ----ASH---- C:\hiberfil.sys
2018-05-17 05:29:43 ----SD---- C:\Users\Alice Řepková\AppData\Roaming\Microsoft
2018-05-17 05:29:43 ----D---- C:\Users\Alice Řepková\AppData\Roaming\ATI
2018-05-17 05:28:46 ----D---- C:\Program Files\ATI Technologies
2018-05-17 05:26:24 ----D---- C:\ProgramData\USOShared
2018-05-17 05:26:14 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2018-05-17 05:22:27 ----D---- C:\WINDOWS\Prefetch
2018-05-17 05:21:38 ----D---- C:\WINDOWS\system32\SleepStudy
2018-05-17 05:21:33 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswff669f9dc7a89bd2.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswf8ac2e152276a6a1.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswe2d3b788bf54d248.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswdb535b343819b561.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswd8a90d32ff922785.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswd62b0c255327fd65.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswcb293cd73938de11.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswbuniva.sys
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswbloga.sys
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswbidsha.sys
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswbidsdrivera.sys
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswb98cd55ef76cc367.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswb7e3b7e51a5c2c08.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswb0542defbc1daada.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswArPot.sys
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswa984e2bbfa90eb89.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\aswa0f79a2e225b9615.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\asw9c4edf7d9cee511d.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\asw996dd80e3b9b8ac7.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\asw938d2ce75cbf89c5.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\asw9104abebedbf65cd.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\asw86f41eceef46f528.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\asw6f871a4b2f840b79.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\asw62cd0cbb7c03557e.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\asw60df0743f95f1418.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\asw5e0cb1c615d41e8b.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\asw3d37aee8798df157.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\asw3c9b74b71dee53ce.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\asw3c55ed1fa0164c85.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\asw26f8ff804cc01e04.tmp
2018-05-16 00:08:51 ----A---- C:\WINDOWS\system32\drivers\asw a2af63115aa7301.tmp
2018-05-16 00:04:45 ----AS---- C:\WINDOWS\bootstat.dat
2018-05-16 00:02:30 ----D---- C:\WINDOWS\system32\Microsoft
2018-05-16 00:02:30 ----D---- C:\WINDOWS\ServiceProfiles
2018-05-15 23:55:37 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2018-05-15 23:55:36 ----A---- C:\WINDOWS\system32\wmp.dll
2018-05-15 23:55:01 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-05-15 23:55:00 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-05-15 23:55:00 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-05-15 23:55:00 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-05-15 23:55:00 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-05-15 23:55:00 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-05-15 23:54:59 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-05-15 23:54:59 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-05-15 23:54:59 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-05-15 23:54:59 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-05-15 23:54:58 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-05-15 23:54:58 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-05-15 23:54:58 ----A---- C:\WINDOWS\system32\jscript.dll
2018-05-15 23:54:57 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-05-15 23:54:57 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-05-15 23:54:57 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-05-15 23:54:57 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-05-15 23:54:57 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-05-15 23:54:56 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-05-15 23:54:56 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-05-15 23:54:55 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-15 23:54:55 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-05-15 23:54:54 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-05-15 23:54:53 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-05-15 23:54:53 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-05-15 23:54:50 ----A---- C:\WINDOWS\system32\MixedReality.Broker.dll
2018-05-15 23:54:49 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2018-05-15 23:54:48 ----A---- C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-05-15 23:54:48 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2018-05-15 23:54:45 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2018-05-15 23:54:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2018-05-15 23:54:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2018-05-15 23:54:45 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-05-15 23:54:44 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-05-15 23:54:44 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2018-05-15 23:54:43 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-05-15 23:54:43 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2018-05-15 23:54:42 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-05-15 23:54:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-15 23:54:42 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-05-15 23:54:42 ----A---- C:\WINDOWS\SYSWOW64\itss.dll
2018-05-15 23:54:42 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-05-15 23:54:42 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2018-05-15 23:54:40 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-05-15 23:54:40 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2018-05-15 23:54:37 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-05-15 23:54:37 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2018-05-15 23:54:37 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2018-05-15 23:54:37 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2018-05-15 23:54:37 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-05-15 23:54:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-05-15 23:54:36 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-05-15 23:54:19 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2018-05-15 23:54:19 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2018-05-15 23:54:18 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-05-15 23:54:18 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2018-05-15 23:54:18 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-05-15 23:54:17 ----A---- C:\WINDOWS\system32\wininet.dll
2018-05-15 23:54:17 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-15 23:54:17 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-05-15 23:54:17 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-05-15 23:54:17 ----A---- C:\WINDOWS\system32\itss.dll
2018-05-15 23:54:17 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-05-15 23:54:17 ----A---- C:\WINDOWS\system32\gdi32full.dll
2018-05-15 23:54:17 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2018-05-15 23:54:16 ----A---- C:\WINDOWS\system32\winload.exe
2018-05-15 23:54:16 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-05-15 23:54:16 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-05-15 23:54:16 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-05-15 23:54:15 ----A---- C:\WINDOWS\system32\SharedPCCSP.dll
2018-05-15 23:54:15 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-05-15 23:54:15 ----A---- C:\WINDOWS\system32\comsvcs.dll
2018-05-15 23:54:14 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-15 23:54:14 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-15 23:54:14 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-15 23:54:14 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-05-15 23:54:13 ----A---- C:\WINDOWS\system32\mstscax.dll
2018-05-15 23:54:13 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-15 23:54:12 ----A---- C:\WINDOWS\system32\shell32.dll
2018-05-15 23:54:11 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-05-15 23:54:11 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-15 23:54:11 ----A---- C:\WINDOWS\system32\TSpkg.dll
2018-05-15 23:54:11 ----A---- C:\WINDOWS\system32\rasapi32.dll
2018-05-15 23:54:11 ----A---- C:\WINDOWS\system32\credssp.dll
2018-05-15 23:54:08 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-05-15 23:54:08 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-05-15 23:54:08 ----A---- C:\WINDOWS\system32\rdpbase.dll
2018-05-15 23:54:08 ----A---- C:\WINDOWS\system32\msxml3.dll
2018-05-15 23:54:08 ----A---- C:\WINDOWS\system32\msi.dll
2018-05-15 23:54:07 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-05-15 23:54:07 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-05-15 23:54:07 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-05-15 23:54:07 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-05-15 23:54:07 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-05-15 23:54:07 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-05-15 23:54:07 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-05-15 23:54:07 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-05-15 23:54:07 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-05-15 23:54:06 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-15 23:54:06 ----A---- C:\WINDOWS\system32\tquery.dll
2018-05-15 23:54:06 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2018-05-15 23:54:06 ----A---- C:\WINDOWS\system32\mssprxy.dll
2018-05-15 23:54:06 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2018-05-15 23:54:06 ----A---- C:\WINDOWS\system32\cdp.dll
2018-05-15 23:54:05 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2018-05-15 23:54:05 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2018-05-15 23:54:05 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-05-15 23:54:05 ----A---- C:\WINDOWS\system32\WerFault.exe
2018-05-15 23:54:05 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-05-15 23:54:05 ----A---- C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-05-15 23:54:04 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-05-15 23:54:04 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-05-15 23:54:04 ----A---- C:\WINDOWS\system32\wuapi.dll
2018-05-15 23:54:04 ----A---- C:\WINDOWS\system32\wer.dll
2018-05-15 23:54:04 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-05-15 23:54:04 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-05-15 23:54:04 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2018-05-15 23:54:04 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-05-15 23:54:04 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-05-15 23:54:03 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2018-05-15 23:54:03 ----A---- C:\WINDOWS\system32\wcimage.dll
2018-05-15 23:54:03 ----A---- C:\WINDOWS\system32\tzres.dll
2018-05-15 23:54:03 ----A---- C:\WINDOWS\system32\rpcss.dll
2018-05-15 23:54:03 ----A---- C:\WINDOWS\system32\oleaut32.dll
2018-05-15 23:54:03 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-05-15 23:54:03 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-05-15 23:54:03 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-05-15 23:54:03 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-05-15 23:54:02 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-05-15 23:54:02 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2018-05-15 23:54:02 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-15 23:54:01 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2018-05-15 23:54:01 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-05-15 23:54:01 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2018-05-15 23:54:01 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2018-05-15 23:54:01 ----A---- C:\WINDOWS\SYSWOW64\credssp.dll
2018-05-15 23:54:00 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-05-15 23:54:00 ----A---- C:\WINDOWS\system32\rdpnano.dll
2018-05-15 23:54:00 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-05-15 23:54:00 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-05-15 23:54:00 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-05-15 23:54:00 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-05-15 23:54:00 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-05-15 23:39:00 ----A---- C:\WINDOWS\system32\perfi005.dat
2018-05-15 23:39:00 ----A---- C:\WINDOWS\system32\perfh005.dat
2018-05-15 23:39:00 ----A---- C:\WINDOWS\system32\perfd005.dat
2018-05-15 23:39:00 ----A---- C:\WINDOWS\system32\perfc005.dat
2018-05-15 23:38:52 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2018-05-15 23:38:52 ----D---- C:\WINDOWS\SYSWOW64\drivers\cs-CZ
2018-05-15 23:38:48 ----D---- C:\WINDOWS\SYSWOW64\cs
2018-05-15 23:38:46 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2018-05-15 23:38:42 ----D---- C:\WINDOWS\system32\cs
2018-05-15 23:38:40 ----D---- C:\WINDOWS\cs-CZ
2018-05-15 23:07:05 ----A---- C:\WINDOWS\system32\prm0005.dll
2018-05-15 23:06:06 ----D---- C:\Program Files\Reference Assemblies
2018-05-15 23:06:06 ----D---- C:\Program Files\MSBuild
2018-05-15 23:06:06 ----D---- C:\Program Files (x86)\Reference Assemblies
2018-05-15 23:06:06 ----D---- C:\Program Files (x86)\MSBuild
2018-05-15 23:04:59 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2018-05-15 23:04:59 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2018-05-15 23:04:58 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-05-15 23:04:57 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-05-15 23:04:56 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-05-15 23:04:53 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2018-05-15 23:01:16 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2018-05-15 23:01:15 ----A---- C:\WINDOWS\SYSWOW64\XpsFilt.dll
2018-05-15 23:01:13 ----A---- C:\WINDOWS\SYSWOW64\XPSSHHDR.dll
2018-05-15 23:01:13 ----A---- C:\WINDOWS\system32\XPSSHHDR.dll
2018-05-15 23:01:12 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2018-05-15 23:01:11 ----A---- C:\WINDOWS\system32\XpsFilt.dll
2018-05-15 20:20:15 ----DC---- C:\WINDOWS\Panther

======List of files/folders modified in the last 1 month======

2018-06-12 10:27:54 ----RD---- C:\Program Files
2018-06-12 10:21:52 ----D---- C:\WINDOWS\INF
2018-06-12 10:21:51 ----D---- C:\WINDOWS\Temp
2018-06-12 10:21:51 ----D---- C:\WINDOWS\LiveKernelReports
2018-06-12 10:21:51 ----D---- C:\Windows
2018-06-12 10:18:24 ----D---- C:\WINDOWS\system32\sru
2018-06-12 09:52:55 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-06-12 09:38:48 ----D---- C:\WINDOWS\AppReadiness
2018-06-12 09:38:47 ----HD---- C:\Program Files\WindowsApps
2018-06-12 08:58:31 ----RD---- C:\WINDOWS\Microsoft.NET
2018-06-11 14:16:40 ----D---- C:\WINDOWS\system32\LogFiles
2018-06-11 14:13:41 ----D---- C:\WINDOWS\Logs
2018-06-09 09:11:31 ----D---- C:\WINDOWS\system32\config
2018-06-07 19:49:48 ----D---- C:\WINDOWS\CbsTemp
2018-06-07 19:49:35 ----D---- C:\WINDOWS\WinSxS
2018-06-07 19:49:35 ----D---- C:\WINDOWS\SysWOW64
2018-06-07 19:48:58 ----D---- C:\WINDOWS\system32\catroot2
2018-06-06 01:29:25 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-06-05 19:26:32 ----SHD---- C:\System Volume Information
2018-06-03 09:13:00 ----D---- C:\WINDOWS\system32\NDF
2018-06-02 11:47:28 ----RSD---- C:\WINDOWS\assembly
2018-06-02 11:42:22 ----D---- C:\WINDOWS\System32
2018-06-02 11:42:22 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-06-01 07:11:40 ----SHDC---- C:\WINDOWS\Installer
2018-06-01 07:11:05 ----D---- C:\Program Files (x86)\Common Files
2018-06-01 07:09:11 ----D---- C:\Program Files (x86)\Microsoft Office
2018-05-28 17:50:45 ----D---- C:\Users\Alice Řepková\AppData\Roaming\Skype
2018-05-28 16:46:56 ----D---- C:\ProgramData\Skype
2018-05-28 16:46:46 ----RD---- C:\Program Files (x86)\Skype
2018-05-28 16:33:51 ----SD---- C:\ProgramData\Microsoft
2018-05-28 16:32:10 ----D---- C:\Program Files (x86)\Microsoft.NET
2018-05-28 16:31:26 ----D---- C:\WINDOWS\system32\DriverStore
2018-05-28 16:29:27 ----RSD---- C:\WINDOWS\Fonts
2018-05-28 16:17:22 ----D---- C:\Program Files\Common Files\microsoft shared
2018-05-24 19:36:18 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2018-05-19 18:06:55 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-05-19 16:10:42 ----RD---- C:\Program Files (x86)
2018-05-19 10:19:24 ----D---- C:\ProgramData\AMD
2018-05-18 16:09:08 ----D---- C:\WINDOWS\system32\Tasks
2018-05-18 16:08:50 ----D---- C:\WINDOWS\system32\drivers
2018-05-18 15:42:34 ----D---- C:\Program Files\Windows Defender
2018-05-18 15:32:38 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2018-05-18 15:30:09 ----D---- C:\WINDOWS\system32\WDI
2018-05-18 12:01:22 ----D---- C:\WINDOWS\appcompat
2018-05-17 18:00:51 ----HD---- C:\ProgramData
2018-05-17 15:20:46 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2018-05-17 15:20:45 ----D---- C:\WINDOWS\system32\WinBioDatabase
2018-05-17 15:20:45 ----D---- C:\WINDOWS\system32\drivers\etc
2018-05-17 15:20:41 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-05-17 15:20:41 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-05-17 15:20:41 ----D---- C:\WINDOWS\SYSWOW64\drivers
2018-05-17 15:20:41 ----D---- C:\WINDOWS\SYSWOW64\BestPractices
2018-05-17 15:20:40 ----HD---- C:\WINDOWS\system32\WLANProfiles
2018-05-17 15:20:40 ----D---- C:\WINDOWS\system32\zh-HK
2018-05-17 15:20:40 ----D---- C:\WINDOWS\system32\spool
2018-05-17 15:20:39 ----DC---- C:\WINDOWS\system32\DRVSTORE
2018-05-17 15:20:39 ----D---- C:\WINDOWS\system32\en-US
2018-05-17 15:20:32 ----D---- C:\Program Files\CONEXANT
2018-05-17 15:20:32 ----AD---- C:\Program Files\UNP
2018-05-17 15:20:32 ----AD---- C:\Program Files\Intel
2018-05-17 15:20:31 ----D---- C:\Program Files\Common Files
2018-05-17 15:20:30 ----D---- C:\WINDOWS\system32\Recovery
2018-05-17 15:20:25 ----D---- C:\WINDOWS\Setup
2018-05-17 06:13:48 ----A---- C:\WINDOWS\SYSWOW64\RebootPrompt.exe
2018-05-17 06:12:13 ----D---- C:\WINDOWS\system32\restore
2018-05-17 06:02:09 ----D---- C:\WINDOWS\SoftwareDistribution
2018-05-17 06:01:24 ----D---- C:\WINDOWS\Tasks
2018-05-17 05:56:02 ----D---- C:\WINDOWS\Registration
2018-05-17 05:55:57 ----D---- C:\WINDOWS\system32\wbem
2018-05-17 05:48:22 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-05-17 05:40:43 ----A---- C:\WINDOWS\SYSWOW64\PerfStringBackup.INI
2018-05-17 05:32:14 ----D---- C:\WINDOWS\system32\CodeIntegrity
2018-05-17 05:29:43 ----RD---- C:\Users
2018-05-17 05:28:24 ----AD---- C:\Program Files\AMD
2018-05-17 05:28:08 ----D---- C:\WINDOWS\debug
2018-05-17 05:28:05 ----D---- C:\WINDOWS\SYSWOW64\sda
2018-05-17 05:27:38 ----D---- C:\AMD
2018-05-17 05:26:59 ----D---- C:\Program Files\Elantech
2018-05-17 05:26:48 ----A---- C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-05-17 05:26:28 ----D---- C:\ProgramData\USOPrivate
2018-05-17 05:23:17 ----HD---- C:\Recovery
2018-05-16 00:09:23 ----D---- C:\WINDOWS\twain_32
2018-05-16 00:09:16 ----D---- C:\WINDOWS\SYSWOW64\drivers\UMDF
2018-05-16 00:08:57 ----D---- C:\WINDOWS\system32\oobe
2018-05-16 00:08:52 ----D---- C:\WINDOWS\system32\drivers\Lenovo
2018-05-16 00:07:49 ----D---- C:\WINDOWS\system32\BestPractices
2018-05-16 00:07:19 ----D---- C:\Program Files (x86)\Windows Mail
2018-05-16 00:07:16 ----D---- C:\Program Files\Windows Mail
2018-05-15 23:57:58 ----D---- C:\WINDOWS\TextInput
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\vi-VN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\ur-PK
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\ug-CN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\tt-RU
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\tk-TM
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\te-IN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\ta-IN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\sw-KE
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\sq-AL
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\si-LK
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\setup
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\quz-PE
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\prs-AF
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\pa-IN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\or-IN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\nn-NO
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\ne-NP
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\mt-MT
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\ms-MY
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\mr-IN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\mn-MN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\ml-IN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\mk-MK
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\mi-NZ
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\lo-LA
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\lb-LU
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\ky-KG
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\kok-IN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\kn-IN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\km-KH
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\kk-KZ
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\ka-GE
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\is-IS
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\id-ID
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\hy-AM
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\gu-IN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\gd-GB
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\ga-IE
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\fil-PH
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\fa-IR
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\cy-GB
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\bn-IN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\bn-BD
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\be-BY
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\as-IN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\am-ET
2018-05-15 23:57:58 ----D---- C:\WINDOWS\SYSWOW64\af-ZA
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\zu-ZA
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\yo-NG
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\xh-ZA
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\wo-SN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\vi-VN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\ur-PK
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\ug-CN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\tt-RU
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\tn-ZA
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\tk-TM
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\ti-ET
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\te-IN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\ta-in
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\sw-KE
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\sq-AL
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\si-lk
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\setup
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\rw-RW
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\quz-PE
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\prs-AF
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\pa-IN
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2018-05-15 23:57:58 ----D---- C:\WINDOWS\system32\or-IN
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\nso-ZA
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\nn-NO
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\ne-NP
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\mt-MT
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\ms-MY
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\mr-IN
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\mn-MN
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\ml-IN
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\mk-MK
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\mi-NZ
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\lo-LA
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\lb-LU
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\ky-KG
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\kok-IN
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\kn-IN
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\km-KH
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\kk-KZ
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\ka-GE
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\is-IS
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\ig-NG
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\id-ID
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\chr-CHER-US
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\hy-AM
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\gu-IN
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\gd-GB
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\ga-IE
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\fil-PH
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\fa-IR
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\cy-GB
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\cs-CZ
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\Boot
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\bn-IN
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\bn-BD
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\be-BY
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\as-IN
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\appraiser
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\am-et
2018-05-15 23:57:57 ----D---- C:\WINDOWS\system32\af-ZA
2018-05-15 23:57:56 ----D---- C:\WINDOWS\Provisioning
2018-05-15 23:57:55 ----D---- C:\WINDOWS\bcastdvr
2018-05-15 23:57:55 ----D---- C:\WINDOWS\apppatch
2018-05-15 23:57:55 ----D---- C:\Program Files\Windows Photo Viewer
2018-05-15 23:57:55 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2018-05-15 23:38:52 ----SD---- C:\WINDOWS\SYSWOW64\F12
2018-05-15 23:38:52 ----SD---- C:\WINDOWS\SYSWOW64\DiagSvcs
2018-05-15 23:38:52 ----D---- C:\WINDOWS\SYSWOW64\winrm
2018-05-15 23:38:52 ----D---- C:\WINDOWS\SYSWOW64\WCN
2018-05-15 23:38:52 ----D---- C:\WINDOWS\SYSWOW64\wbem
2018-05-15 23:38:52 ----D---- C:\WINDOWS\SYSWOW64\slmgr
2018-05-15 23:38:52 ----D---- C:\WINDOWS\SYSWOW64\Printing_Admin_Scripts
2018-05-15 23:38:52 ----D---- C:\WINDOWS\SYSWOW64\oobe
2018-05-15 23:38:52 ----D---- C:\WINDOWS\SYSWOW64\MUI
2018-05-15 23:38:52 ----D---- C:\WINDOWS\SYSWOW64\DriverStore
2018-05-15 23:38:52 ----D---- C:\WINDOWS\SYSWOW64\Dism
2018-05-15 23:38:48 ----D---- C:\WINDOWS\SYSWOW64\com
2018-05-15 23:38:48 ----D---- C:\WINDOWS\system32\winrm
2018-05-15 23:38:48 ----D---- C:\WINDOWS\system32\WCN
2018-05-15 23:38:47 ----SD---- C:\WINDOWS\system32\F12
2018-05-15 23:38:47 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2018-05-15 23:38:47 ----D---- C:\WINDOWS\system32\Sysprep
2018-05-15 23:38:47 ----D---- C:\WINDOWS\system32\slmgr
2018-05-15 23:38:47 ----D---- C:\WINDOWS\system32\Printing_Admin_Scripts
2018-05-15 23:38:47 ----D---- C:\WINDOWS\system32\MUI
2018-05-15 23:38:47 ----D---- C:\WINDOWS\system32\migwiz
2018-05-15 23:38:47 ----D---- C:\WINDOWS\system32\migration
2018-05-15 23:38:46 ----SD---- C:\WINDOWS\system32\DiagSvcs
2018-05-15 23:38:46 ----D---- C:\WINDOWS\system32\Dism
2018-05-15 23:38:42 ----D---- C:\WINDOWS\system32\com
2018-05-15 23:38:42 ----D---- C:\WINDOWS\servicing
2018-05-15 23:38:42 ----D---- C:\WINDOWS\PolicyDefinitions
2018-05-15 23:38:40 ----D---- C:\WINDOWS\IME
2018-05-15 23:38:40 ----D---- C:\WINDOWS\Help
2018-05-15 23:38:40 ----D---- C:\Program Files\Windows Media Player
2018-05-15 23:38:40 ----D---- C:\Program Files\internet explorer
2018-05-15 23:38:40 ----D---- C:\Program Files\Common Files\system
2018-05-15 23:38:40 ----D---- C:\Program Files (x86)\Windows Media Player
2018-05-15 23:38:40 ----D---- C:\Program Files (x86)\Windows Defender
2018-05-15 23:38:40 ----D---- C:\Program Files (x86)\Internet Explorer
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\uk-UA
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\th-TH
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-RS
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\sl-SI
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\ro-RO
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\lv-LV
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\hr-HR
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\he-IL
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\fr-CA
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\et-EE
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\es-MX
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2018-05-15 23:01:30 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2018-05-15 23:01:29 ----D---- C:\WINDOWS\SYSWOW64\bg-BG
2018-05-15 23:01:29 ----D---- C:\WINDOWS\SYSWOW64\ar-SA
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\zh-TW
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\zh-CN
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\uk-UA
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\tr-TR
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\th-TH
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\sv-SE
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\sl-SI
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\sk-SK
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\ru-RU
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\ro-RO
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\pt-PT
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\pt-BR
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\pl-PL
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\nl-NL
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\nb-NO
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\lv-LV
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\lt-LT
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\ko-KR
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\ja-jp
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\it-IT
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\hu-HU
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\hr-HR
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\he-IL
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\fr-FR
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\fr-CA
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\fi-FI
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\et-EE
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\es-MX
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\es-ES
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\en-GB
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\el-GR
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\de-DE
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\da-DK
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\bg-BG
2018-05-15 23:01:29 ----D---- C:\WINDOWS\system32\ar-SA
2018-05-15 23:00:24 ----D---- C:\WINDOWS\OCR

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-03-07 199440]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-03-07 343752]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-03-07 57680]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-05-18 85968]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-05-18 381552]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-07-25 1455552]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-04-12 58272]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-05-18 196640]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-03-07 227504]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-05-18 234560]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-05-18 111360]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-05-18 1027720]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-05-18 460520]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-13 91912]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-05-18 159120]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-05-18 205976]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-04-12 414208]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-04-12 43520]
R3 ACPIVPC;@oem15.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-06-15 42328]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-08-04 26706464]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-08-04 518176]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-04-12 106496]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-12 86528]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-12 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 CnxtHdAudService;@oem37.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2016-07-13 1561640]
R3 ETD;@oem10.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2016-09-21 602704]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2016-09-21 41040]
R3 ibtusb;@oem5.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2017-01-13 231168]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-05-26 7970232]
R3 MEIx64;@oem29.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-06-12 183584]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2016-10-20 3517200]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-12 193536]
R3 rt640x64;@oem18.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-05-29 886528]
R3 RTSUER;@oem17.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-07-03 410880]
R3 rtsuvc;@oem16.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-06-11 3059416]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-04-12 128416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-05-18 46968]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-04-12 92056]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\system32\DRIVERS\BTHport.sys [2018-04-12 1069056]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-04-12 73632]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IntcDAud;@oem2.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-04-12 945560]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2016-06-28 138752]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-08-04 287264]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-05-09 313640]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_1ac1b157;Connected Devices Platform User Service_1ac1b157; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-05-24 8652976]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2014-10-20 207576]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2016-09-21 143584]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2016-11-29 640928]
R2 GDCAgent;GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [2015-07-30 1155512]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-07-22 18856]
R2 ibtsiva;@oem5.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2017-05-26 373680]
R2 ImControllerService;@oem6.inf,%ImcSvcDisplayName%;System Interface Foundation Service; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-04-24 71408]
R2 OneSyncSvc_1ac1b157;Sync Host_1ac1b157; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2016-11-29 157600]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-04-12 761440]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-05-09 7603408]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-15 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 PimIndexMaintenanceSvc_1ac1b157;Contact Data_1ac1b157; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2017-02-27 688992]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-14 153752]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService_1ac1b157;GameDVR and Broadcast User Service_1ac1b157; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_1ac1b157;Bluetooth User Support Service_1ac1b157; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-05-26 301488]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_1ac1b157;DevicePicker_1ac1b157; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_1ac1b157;DevicesFlow_1ac1b157; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-04-12 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-14 153752]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-08-07 271296]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService_1ac1b157;MessagingService_1ac1b157; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2016-11-29 268704]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-05-24 212144]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_1ac1b157;PrintWorkflow_1ac1b157; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 ShareItSvc;ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [2016-03-31 31704]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-05-15 976384]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118254
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Possible problem, please check

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (you can also find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

aldik
Visitor
Posts: 81
Joined: 24 Oct 2007 19:49

Re: Possible problem, please check

#3 Post by aldik »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.0.0
# -------------------------------
# Build: 06-05-2018
# Database: 2018-06-12.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-14-2018
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Host App Service
Deleted C:\Users\Alice Řepková\AppData\Local\Host App Service

***** [ Files ] *****

Deleted C:\Windows\System32\Tasks_Migrated\App Explorer

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\App Explorer

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKCU\Software\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6376CCF-12AC-4B0B-BDBA-BC21D1E566D8}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1865 octets] - [14/06/2018 09:16:51]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118254
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Possible problem, please check

#4 Post by Rudy »


aldik
Visitor
Posts: 81
Joined: 24 Oct 2007 19:49

Re: Possible problem, please check

#5 Post by aldik »

The program won't start; it says it is not located on the desktop, but it was there and it still kept throwing that message. :roll:

Rudy
Site Admin
Posts: 118254
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Possible problem, please check

#6 Post by Rudy »

Then we have a problem, because I can't delete using FRST on Windows 10. I would risk damaging the system. Try putting it in a different directory.