Notebook se seká

[r.o.s.t.a.c.k.a]

Dobrý den, prosím o kontrolu logu, notebook je poslední dobou zasekaný. Děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Aky at 2020-03-05 14:12:03
Microsoft Windows 10 Home
System drive C: has 598 GB (32%) free of 1881 GB
Total RAM: 8084 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:12:25, on 05.03.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
C:\Users\Aky\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe
C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe
C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
C:\Program Files\trend micro\Aky.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo17win10.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch.lavasoft.com/?pr=v ... 54__181224
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Browsing Protection by F-Secure - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\nif\1582124234\browser\install\fs_ie_https\fs_ie_https.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Aky\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Aky] explorer.exe http://dipladoks.org
O4 - HKCU\..\Run: [Wargaming.net Game Center] "C:\ProgramData\Wargaming.net\GameCenter\wgc.exe" --background
O4 - HKCU\..\Run: [Opera Browser Assistant] C:\Users\Aky\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: bookingDesktopApp Update Service (bookingdesktopapp) (bookingdesktopapp) - bookingDesktopApp. - C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopappm) (bookingdesktopappm) - bookingDesktopApp. - C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_ec7de9 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: Dolby DAX2 API Service - Dolby Laboratories, Inc. - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: F-Secure Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
O23 - Service: F-Secure Hoster (Restricted) (fsnethoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
O23 - Service: F-Secure Ultralight Hoster (fsulhoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fshoster64.exe
O23 - Service: F-Secure Ultralight Network Hoster (fsulnethoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fshoster64.exe
O23 - Service: F-Secure Ultralight ORSP Client (fsulorsp) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsorsp64.exe
O23 - Service: F-Secure Ultralight Protected Hoster (fsulprothoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsulprothoster.exe
O23 - Service: GameRecorderSVC - Lenovo(beijing) Limited - C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe
O23 - Service: @oem5.inf,%iaStorAfsWindowsService.Name%;Intel(R) Optane(TM) Memory Service (iaStorAfsService) - Intel Corporation - C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe
O23 - Service: @oem3.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxCUIService.exe
O23 - Service: @oem16.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Ltd. - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) TPM Provisioning Service - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LenovoVantageService - Lenovo Group Ltd. - C:\Program Files (x86)\Lenovo\VantageService\LenovoVantageService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: PluginLoaderSvc - Lenovo(beijing) Limited - C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WC Assistant (WCAssistantService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14071 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5b8e9f5c-9ff6-42ff-b801-13f25f68b364 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-69a8232f-99ef-4c6c-bd56-577215630de9 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-501b963f-5e5d-4d2a-b109-6fe4de225cf8 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-27781618-51b6-4e89-a45f-cf6b7739954c -LifetimeId:68338a3e-215a-4ddb-91f1-b8a2b1296a3b -DeviceGroupId: -HostArg:0
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s bthserv
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalService -p
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
dashost.exe {8f02facc-e239-4d5e-8fa52590294f4a31}
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc

C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\system32\WLANExt.exe 2565870369792
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHDCPSvc.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
"C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe" C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
C:\WINDOWS\system32\ibtsiva
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
"C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsorsp64.exe"
"C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe" -hosterid:0
"C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe" -hosterid:2
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc

C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHeciSvc.exe
"C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fshoster64.exe" -PointAppFamily:1400 -hosterID:2
"C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fshoster64.exe" -PointAppFamily:1400
C:\WINDOWS\system32\SearchIndexer.exe /Embedding

"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files (x86)\Lenovo\VantageService\LenovoVantageService.exe"
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k netsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
"C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"

"C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
3060

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"ctfmon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe" -app -hosterId:1
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k BthAppGroup -p -s BluetoothUserService
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxEM.exe"
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe" -autostart
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Lenovo\Nerve Center\bin\x64\HotkeyMonitor.exe" /xml 㼼浸敶獲潩㵮ㄢ〮•湥潣楤杮∽呕ⵆ∸猠慴摮污湯㵥礢獥•㸿㰊䐡䍏奔䕐戠潯瑳獟牥慩楬慺楴湯ਾ戼潯瑳獟牥慩楬慺楴湯猠杩慮畴敲∽敳楲污穩瑡潩㩮愺捲楨敶•敶獲潩㵮ㄢ∲ਾ砼汭挠慬獳楟㵤〢•牴捡楫杮江癥汥∽∰瘠牥楳湯∽∰ਾ㰉彭䥣整汣獡彳摩∽∱琠慲正湩彧敬敶㵬ㄢ•敶獲潩㵮〢•扯敪瑣楟㵤弢∰ਾउ猼慴瑲潭楮潴㹲㰱猯慴瑲潭楮潴㹲ऊ㰉潨歴祥楬瑳挠慬獳楟㵤㈢•牴捡楫杮江癥汥∽∰瘠牥楳湯∽∰ਾउ㰉潣湵㹴㰵振畯瑮ਾउ㰉瑩浥癟牥楳湯〾⼼瑩浥癟牥楳湯ਾउ㰉瑩浥挠慬獳楟㵤㌢•牴捡楫杮江癥汥∽∰瘠牥楳湯∽∰ਾउउ格瑯敫湹浡㹥硥牴浥挭潯楬杮⼼潨歴祥慮敭ਾउउ爼来慰桴匾䙏坔剁居敬潮潶乜牥敶敃瑮牥卜潨瑲畃屴潈䭴祥䕜瑸敲敭效瑡⼼敲灧瑡㹨ऊउ㰉癥湥湴浡㹥汇扯污䝜浡婥湯䕥瑸敲敭潃汯癅湥㱴支敶瑮慮敭ਾउ㰉椯整㹭ऊउ椼整㹭ऊउ㰉潨歴祥慮敭瀾敲敶瑮洠獩慴敫㱮栯瑯敫湹浡㹥ऊउ㰉敲灧瑡㹨体呆䅗䕒汜湥癯屯敎癲䍥湥整屲桓牯䍴瑵䡜瑯敋屹湁楴楍潳数慲楴湯潔捵㱨爯来慰桴ਾउउ攼敶瑮慮敭䜾潬慢屬慇敭潚敮慆汳呥畯档癅湥㱴支敶瑮慮敭ਾउ㰉椯整㹭ऊउ椼整㹭ऊउ㰉潨歴祥慮敭瘾摩潥爠捥牯敤㱲栯瑯敫湹浡㹥ऊउ㰉敲灧瑡㹨体呆䅗䕒汜湥癯屯敎癲䍥湥整屲桓牯䍴瑵䡜瑯敋屹楖敤䍯灡畴敲⼼敲灧瑡㹨ऊउ㰉癥湥湴浡㹥汇扯污䝜浡婥湯剥捥牯敤䕲敶瑮⼼癥湥湴浡㹥ऊउ⼼瑩浥ਾउ㰉瑩浥ਾउउ格瑯敫湹浡㹥楶敤敲潣摲牥⼼潨歴祥慮敭ਾउउ爼来慰桴匾䙏坔剁居敬潮潶乜牥敶敃瑮牥卜潨瑲畃屴潈䭴祥噜摩潥慃瑰牵卥捥⼼敲灧瑡㹨ऊउ㰉癥湥湴浡㹥汇扯污䝜浡婥湯剥捥牯敤䕲敶瑮⼼癥湥湴浡㹥ऊउ⼼瑩浥ਾउ㰉瑩浥ਾउउ格瑯敫湹浡㹥楶敤敲潣摲牥⼼潨歴祥慮敭ਾउउ爼来慰桴匾䙏坔剁居敬潮潶乜牥敶敃瑮牥卜潨瑲畃屴潈䭴祥噜摩潥慃瑰牵呥摨⼼敲灧瑡㹨ऊउ㰉癥湥湴浡㹥汇扯污䝜浡婥湯剥捥牯敤䕲敶瑮⼼癥湥湴浡㹥ऊउ⼼瑩浥ਾउ⼼潨歴祥楬瑳ਾ㰉洯损瑉浥ਾ⼼浸㹬㰊戯潯瑳獟牥慩楬慺楴湯ਾ
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe" -Hide
"C:\Users\Aky\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\ProgramData\Wargaming.net\GameCenter\wgc.exe" --background
"C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe" --pipe "parent_pid_7444haz5839v-8va5-va58-v5a8-3a3hv58zb59f" --superuserid "WGC" --self_crash_handling_folder "C:\ProgramData\Wargaming.net\GameCenter\cat " --self_crash_handling_receiver_url "http://cat.wargaming.net " Logs " "
"C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.4.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe" --type=gpu-process --field-trial-handle=2748,16994271658713548589,15676912271745039841,131072 --disable-features=MimeHandlerViewInCrossProcessFrame --no-sandbox --log-file="C:\ProgramData\Wargaming.net\GameCenter\logs\cef_20200302_120624_984.log" --log-severity=info --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 WGC/19.09.02.8852" --lang=en-US --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\ProgramData\Wargaming.net\GameCenter\logs\cef_20200302_120624_984.log" --service-request-channel-token=5351925017145593637 --mojo-platform-channel-handle=2708 /prefetch:2
"C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe" --type=utility --field-trial-handle=2748,16994271658713548589,15676912271745039841,131072 --disable-features=MimeHandlerViewInCrossProcessFrame --lang=en-US --service-sandbox-type=network --no-sandbox --log-file="C:\ProgramData\Wargaming.net\GameCenter\logs\cef_20200302_120624_984.log" --log-severity=info --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 WGC/19.09.02.8852" --lang=en-US --log-file="C:\ProgramData\Wargaming.net\GameCenter\logs\cef_20200302_120624_984.log" --service-request-channel-token=11673487688665334337 --mojo-platform-channel-handle=3208 /prefetch:8
"C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe" --type=renderer --no-sandbox --force-device-scale-factor=1 --log-file="C:\ProgramData\Wargaming.net\GameCenter\logs\cef_20200302_120624_984.log" --field-trial-handle=2748,16994271658713548589,15676912271745039841,131072 --disable-features=MimeHandlerViewInCrossProcessFrame --lang=en-US --log-file="C:\ProgramData\Wargaming.net\GameCenter\logs\cef_20200302_120624_984.log" --log-severity=info --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 WGC/19.09.02.8852" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13542247826810324945 --renderer-client-id=3 --mojo-platform-channel-handle=3184 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.133.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.133.0_x64__8wekyb3d8bbwe\YourPhoneServer/YourPhoneServer.exe" -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\AUDIODG.EXE 0x490
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files\qBittorrent\qbittorrent.exe" "C:\Users\Aky\Downloads\[CzT]Shaft_2019_CZ_WebRip_.torrent"
C:\Windows\System32\smartscreen.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -s W32Time
taskhostw.exe
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20011.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca

C:\Windows\System32\RuntimeBroker.exe -Embedding
-name 0b264b95-4e1f-4c72-a92c-30e5a3363b93 -runas -pluginName GenericMessagingPlugin -pluginVersion 3.1.0.119
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
-name 5c0dcfd6-d993-45dd-a51e-d1436640f3c8 -runas -pluginName DolbyAudioPlugin -pluginVersion 1.2.235.5
-name 11b15cf2-09c6-474e-b75a-33cefe932bdd -runas -pluginName LenovoWiFiSecurityPlugin -pluginVersion 2.0.1.18
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts


"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\WINDOWS\system32\MicrosoftEdgeSH.exe SCODEF:11988 CREDAT:9730 APH:1000000000000030 JITHOST /prefetch:2
"C:\Windows\System32\MicrosoftEdgeCP.exe" -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe89_ Global\UsGthrCtrlFltPipeMssGthrPipe89 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 776 780 788 8192 784
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Users\Aky\Desktop\RSITx64.exe"
-name be2ed4d0-a3f6-4a3e-8199-c8c10934639d -runas -pluginName GenericCorePlugin -pluginVersion 1.3.2.17

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12 210632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45BBE08D-81C5-4A67-AF20-B2A077C67747}]
Browsing Protection by F-Secure - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\nif\1582124234\browser\install\fs_ie_https\fs_ie_https64.dll [2020-02-19 1640320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45BBE08D-81C5-4A67-AF20-B2A077C67747}]
Browsing Protection by F-Secure - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\nif\1582124234\browser\install\fs_ie_https\fs_ie_https.dll [2020-02-19 1057664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2020-02-14 84992]
"NerveCenterTray"=C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe [2017-09-29 258400]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2017-07-26 1922496]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2018-10-18 18391088]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-10-18 1506376]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-10-18 1506376]
"DAX2_APP"=C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [2017-03-07 849920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Aky\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-02-22 1573432]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-12-17 731240]
"Aky"=explorer.exe http://dipladoks.org []
"Wargaming.net Game Center"=C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2020-02-27 2415480]
"Opera Browser Assistant"=C:\Users\Aky\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2020-02-24 3024408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktopChanges"=0
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.X264"=x264vfw64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-03-05 14:12:04 ----D---- C:\Program Files\trend micro
2020-03-05 14:12:03 ----D---- C:\rsit
2020-03-05 13:43:18 ----D---- C:\Břicháč tom
2020-02-14 01:14:09 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2020-02-14 01:07:59 ----D---- C:\ProgramData\ssh
2020-02-14 00:29:20 ----A---- C:\WINDOWS\system32\wbengine.exe
2020-02-14 00:29:19 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2020-02-14 00:29:15 ----A---- C:\WINDOWS\system32\cdp.dll
2020-02-14 00:29:09 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2020-02-14 00:29:09 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2020-02-14 00:29:07 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2020-02-14 00:29:06 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2020-02-14 00:29:06 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2020-02-14 00:29:06 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2020-02-14 00:29:06 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2020-02-14 00:29:06 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2020-02-14 00:29:06 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2020-02-14 00:29:06 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2020-02-14 00:29:04 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2020-02-14 00:29:02 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2020-02-14 00:29:01 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2020-02-14 00:29:00 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2020-02-14 00:29:00 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2020-02-14 00:29:00 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-02-14 00:29:00 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2020-02-14 00:28:59 ----A---- C:\WINDOWS\system32\mfsvr.dll
2020-02-14 00:28:59 ----A---- C:\WINDOWS\system32\mfcore.dll
2020-02-14 00:28:59 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-02-14 00:28:59 ----A---- C:\WINDOWS\system32\mf.dll
2020-02-14 00:28:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2020-02-14 00:28:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2020-02-14 00:28:45 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2020-02-14 00:28:45 ----A---- C:\WINDOWS\SYSWOW64\tapisrv.dll
2020-02-14 00:28:45 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2020-02-14 00:28:45 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2020-02-14 00:28:45 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2020-02-14 00:28:45 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2020-02-14 00:28:45 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2020-02-14 00:28:45 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2020-02-14 00:28:45 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2020-02-14 00:28:44 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2020-02-14 00:28:44 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2020-02-14 00:28:43 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2020-02-14 00:28:43 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2020-02-14 00:28:43 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2020-02-14 00:28:42 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2020-02-14 00:28:42 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2020-02-14 00:28:42 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2020-02-14 00:28:41 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2020-02-14 00:28:40 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2020-02-14 00:28:40 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2020-02-14 00:28:38 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2020-02-14 00:28:38 ----A---- C:\WINDOWS\SYSWOW64\msfeedssync.exe
2020-02-14 00:28:38 ----A---- C:\WINDOWS\SYSWOW64\msfeedsbs.dll
2020-02-14 00:28:38 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2020-02-14 00:28:38 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2020-02-14 00:28:38 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2020-02-14 00:28:38 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2020-02-14 00:28:38 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2020-02-14 00:28:37 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2020-02-14 00:28:37 ----A---- C:\WINDOWS\SYSWOW64\fdWSD.dll
2020-02-14 00:28:37 ----A---- C:\WINDOWS\SYSWOW64\fdSSDP.dll
2020-02-14 00:28:37 ----A---- C:\WINDOWS\SYSWOW64\dfrgui.exe
2020-02-14 00:28:37 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2020-02-14 00:28:36 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-02-14 00:28:36 ----A---- C:\WINDOWS\system32\sysmain.dll
2020-02-14 00:28:36 ----A---- C:\WINDOWS\system32\SrTasks.exe
2020-02-14 00:28:36 ----A---- C:\WINDOWS\system32\srrstr.dll
2020-02-14 00:28:36 ----A---- C:\WINDOWS\system32\srcore.dll
2020-02-14 00:28:36 ----A---- C:\WINDOWS\system32\rstrui.exe
2020-02-14 00:28:36 ----A---- C:\WINDOWS\system32\recdisc.exe
2020-02-14 00:28:35 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2020-02-14 00:28:35 ----A---- C:\WINDOWS\system32\tsgqec.dll
2020-02-14 00:28:35 ----A---- C:\WINDOWS\system32\termsrv.dll
2020-02-14 00:28:35 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll
2020-02-14 00:28:35 ----A---- C:\WINDOWS\system32\CPFilters.dll
2020-02-14 00:28:34 ----A---- C:\WINDOWS\system32\tapisrv.dll
2020-02-14 00:28:34 ----A---- C:\WINDOWS\system32\rdpencom.dll
2020-02-14 00:28:34 ----A---- C:\WINDOWS\system32\rdpcore.dll
2020-02-14 00:28:34 ----A---- C:\WINDOWS\system32\rdpclip.exe
2020-02-14 00:28:34 ----A---- C:\WINDOWS\system32\mstscax.dll
2020-02-14 00:28:34 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2020-02-14 00:28:34 ----A---- C:\WINDOWS\system32\FsIso.exe
2020-02-14 00:28:34 ----A---- C:\WINDOWS\system32\FSClient.dll
2020-02-14 00:28:34 ----A---- C:\WINDOWS\system32\FrameServer.dll
2020-02-14 00:28:33 ----A---- C:\WINDOWS\system32\SysResetErr.exe
2020-02-14 00:28:33 ----A---- C:\WINDOWS\system32\srms.dat
2020-02-14 00:28:33 ----A---- C:\WINDOWS\system32\ResetEngine.exe
2020-02-14 00:28:33 ----A---- C:\WINDOWS\system32\reseteng.dll
2020-02-14 00:28:33 ----A---- C:\WINDOWS\system32\rdpudd.dll
2020-02-14 00:28:33 ----A---- C:\WINDOWS\system32\rdpnano.dll
2020-02-14 00:28:33 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2020-02-14 00:28:33 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2020-02-14 00:28:32 ----A---- C:\WINDOWS\system32\systemreset.exe
2020-02-14 00:28:32 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2020-02-14 00:28:32 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2020-02-14 00:28:32 ----A---- C:\WINDOWS\system32\msimsg.dll
2020-02-14 00:28:32 ----A---- C:\WINDOWS\system32\DscCore.dll
2020-02-14 00:28:32 ----A---- C:\WINDOWS\system32\DAFMCP.dll
2020-02-14 00:28:31 ----A---- C:\WINDOWS\system32\msi.dll
2020-02-14 00:28:31 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2020-02-14 00:28:30 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2020-02-14 00:28:30 ----A---- C:\WINDOWS\system32\ieframe.dll
2020-02-14 00:28:29 ----A---- C:\WINDOWS\system32\jscript9.dll
2020-02-14 00:28:29 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2020-02-14 00:28:29 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2020-02-14 00:28:28 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-02-14 00:28:28 ----A---- C:\WINDOWS\system32\ieproxy.dll
2020-02-14 00:28:28 ----A---- C:\WINDOWS\system32\Chakra.dll
2020-02-14 00:28:25 ----A---- C:\WINDOWS\system32\mshtml.dll
2020-02-14 00:28:25 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2020-02-14 00:28:24 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2020-02-14 00:28:23 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2020-02-14 00:28:23 ----A---- C:\WINDOWS\system32\edgehtml.dll
2020-02-14 00:28:22 ----A---- C:\WINDOWS\system32\werui.dll
2020-02-14 00:28:22 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2020-02-14 00:28:22 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2020-02-14 00:28:22 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2020-02-14 00:28:22 ----A---- C:\WINDOWS\system32\msfeeds.dll
2020-02-14 00:28:22 ----A---- C:\WINDOWS\system32\jscript.dll
2020-02-14 00:28:22 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2020-02-14 00:28:22 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2020-02-14 00:28:21 ----A---- C:\WINDOWS\system32\werconcpl.dll
2020-02-14 00:28:21 ----A---- C:\WINDOWS\system32\fdWSD.dll
2020-02-14 00:28:21 ----A---- C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-02-14 00:28:21 ----A---- C:\WINDOWS\system32\dfrgui.exe
2020-02-14 00:28:21 ----A---- C:\WINDOWS\system32\defragsvc.dll
2020-02-14 00:28:21 ----A---- C:\WINDOWS\system32\Defrag.exe
2020-02-14 00:28:21 ----A---- C:\WINDOWS\system32\ClipUp.exe
2020-02-14 00:28:18 ----A---- C:\WINDOWS\system32\resutils.dll
2020-02-14 00:28:17 ----A---- C:\WINDOWS\system32\sdshext.dll
2020-02-14 00:28:17 ----A---- C:\WINDOWS\system32\sdrsvc.dll
2020-02-14 00:28:17 ----A---- C:\WINDOWS\system32\sdengin2.dll
2020-02-14 00:28:17 ----A---- C:\WINDOWS\system32\sdclt.exe
2020-02-14 00:28:17 ----A---- C:\WINDOWS\system32\clusapi.dll
2020-02-14 00:28:16 ----A---- C:\WINDOWS\system32\tcbloader.dll
2020-02-14 00:28:16 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2020-02-14 00:28:16 ----A---- C:\WINDOWS\system32\skci.dll
2020-02-14 00:28:16 ----A---- C:\WINDOWS\system32\securekernel.exe
2020-02-14 00:28:16 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2020-02-14 00:28:16 ----A---- C:\WINDOWS\system32\hvloader.dll
2020-02-14 00:28:16 ----A---- C:\WINDOWS\system32\hvix64.exe
2020-02-14 00:28:16 ----A---- C:\WINDOWS\system32\hvax64.exe
2020-02-14 00:28:16 ----A---- C:\WINDOWS\system32\fdSSDP.dll
2020-02-14 00:28:16 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2020-02-14 00:28:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.FileExplorer.dll
2020-02-14 00:28:15 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2020-02-14 00:28:15 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-02-14 00:28:14 ----A---- C:\WINDOWS\SYSWOW64\rtutils.dll
2020-02-14 00:28:14 ----A---- C:\WINDOWS\SYSWOW64\rdpviewerax.dll
2020-02-14 00:28:14 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2020-02-14 00:28:14 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll
2020-02-14 00:28:14 ----A---- C:\WINDOWS\SYSWOW64\printui.exe
2020-02-14 00:28:14 ----A---- C:\WINDOWS\SYSWOW64\findnetprinters.dll
2020-02-14 00:28:14 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2020-02-14 00:28:14 ----A---- C:\WINDOWS\SYSWOW64\compstui.dll
2020-02-14 00:28:14 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2020-02-14 00:28:13 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2020-02-14 00:28:13 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2020-02-14 00:28:12 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2020-02-14 00:28:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2020-02-14 00:28:12 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2020-02-14 00:28:12 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2020-02-14 00:28:12 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2020-02-14 00:28:12 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2020-02-14 00:28:12 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2020-02-14 00:28:11 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2020-02-14 00:28:11 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2020-02-14 00:28:11 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2020-02-14 00:28:11 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2020-02-14 00:28:11 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2020-02-14 00:28:11 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2020-02-14 00:28:11 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2020-02-14 00:28:11 ----A---- C:\WINDOWS\SYSWOW64\Websocket.dll
2020-02-14 00:28:11 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2020-02-14 00:28:11 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2020-02-14 00:28:11 ----A---- C:\WINDOWS\SYSWOW64\keyiso.dll
2020-02-14 00:28:11 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2020-02-14 00:28:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2020-02-14 00:28:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2020-02-14 00:28:10 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2020-02-14 00:28:10 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2020-02-14 00:28:09 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2020-02-14 00:28:09 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2020-02-14 00:28:09 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2020-02-14 00:28:09 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2020-02-14 00:28:09 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2020-02-14 00:28:09 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2020-02-14 00:28:09 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2020-02-14 00:28:09 ----A---- C:\WINDOWS\SYSWOW64\BCP47mrm.dll
2020-02-14 00:28:08 ----A---- C:\WINDOWS\SYSWOW64\Winlangdb.dll
2020-02-14 00:28:08 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2020-02-14 00:28:08 ----A---- C:\WINDOWS\SYSWOW64\UserLanguageProfileCallback.dll
2020-02-14 00:28:08 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2020-02-14 00:28:08 ----A---- C:\WINDOWS\SYSWOW64\rdpsharercom.dll
2020-02-14 00:28:08 ----A---- C:\WINDOWS\SYSWOW64\globinputhost.dll
2020-02-14 00:28:08 ----A---- C:\WINDOWS\SYSWOW64\BCP47Langs.dll
2020-02-14 00:28:04 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2020-02-14 00:28:03 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2020-02-14 00:28:03 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2020-02-14 00:28:03 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2020-02-14 00:28:03 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2020-02-14 00:28:03 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2020-02-14 00:28:03 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2020-02-14 00:28:03 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2020-02-14 00:28:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2020-02-14 00:28:02 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2020-02-14 00:28:02 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2020-02-14 00:28:02 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2020-02-14 00:28:02 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2020-02-14 00:28:02 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2020-02-14 00:28:01 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2020-02-14 00:28:01 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2020-02-14 00:28:01 ----A---- C:\WINDOWS\SYSWOW64\regapi.dll
2020-02-14 00:28:00 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2020-02-14 00:28:00 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2020-02-14 00:28:00 ----A---- C:\WINDOWS\SYSWOW64\msutb.dll
2020-02-14 00:28:00 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2020-02-14 00:27:59 ----A---- C:\WINDOWS\SYSWOW64\SpatialAudioLicenseSrv.exe
2020-02-14 00:27:59 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2020-02-14 00:27:59 ----A---- C:\WINDOWS\SYSWOW64\mciwave.dll
2020-02-14 00:27:59 ----A---- C:\WINDOWS\SYSWOW64\mciseq.dll
2020-02-14 00:27:59 ----A---- C:\WINDOWS\SYSWOW64\mcicda.dll
2020-02-14 00:27:59 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2020-02-14 00:27:59 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2020-02-14 00:27:59 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2020-02-14 00:27:59 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-02-14 00:27:59 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2020-02-14 00:27:59 ----A---- C:\WINDOWS\system32\comctl32.dll
2020-02-14 00:27:58 ----A---- C:\WINDOWS\system32\rtutils.dll
2020-02-14 00:27:58 ----A---- C:\WINDOWS\system32\rdpviewerax.dll
2020-02-14 00:27:58 ----A---- C:\WINDOWS\system32\rasmans.dll
2020-02-14 00:27:58 ----A---- C:\WINDOWS\system32\puiobj.dll
2020-02-14 00:27:58 ----A---- C:\WINDOWS\system32\puiapi.dll
2020-02-14 00:27:58 ----A---- C:\WINDOWS\system32\printui.exe
2020-02-14 00:27:58 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2020-02-14 00:27:58 ----A---- C:\WINDOWS\system32\icsunattend.exe
2020-02-14 00:27:58 ----A---- C:\WINDOWS\system32\findnetprinters.dll
2020-02-14 00:27:58 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2020-02-14 00:27:58 ----A---- C:\WINDOWS\system32\compstui.dll
2020-02-14 00:27:57 ----A---- C:\WINDOWS\system32\xpsservices.dll
2020-02-14 00:27:57 ----A---- C:\WINDOWS\system32\XpsPrint.dll
2020-02-14 00:27:57 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-02-14 00:27:57 ----A---- C:\WINDOWS\system32\npmproxy.dll
2020-02-14 00:27:57 ----A---- C:\WINDOWS\system32\nlmsprep.dll
2020-02-14 00:27:57 ----A---- C:\WINDOWS\system32\nlmproxy.dll
2020-02-14 00:27:57 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2020-02-14 00:27:57 ----A---- C:\WINDOWS\system32\netprofm.dll
2020-02-14 00:27:56 ----A---- C:\WINDOWS\system32\edgeIso.dll
2020-02-14 00:27:55 ----A---- C:\WINDOWS\system32\wininet.dll
2020-02-14 00:27:55 ----A---- C:\WINDOWS\system32\urlmon.dll
2020-02-14 00:27:55 ----A---- C:\WINDOWS\system32\msIso.dll
2020-02-14 00:27:55 ----A---- C:\WINDOWS\system32\iertutil.dll
2020-02-14 00:27:54 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-02-14 00:27:54 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2020-02-14 00:27:54 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2020-02-14 00:27:54 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-02-14 00:27:54 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2020-02-14 00:27:54 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-02-14 00:27:53 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2020-02-14 00:27:53 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2020-02-14 00:27:53 ----A---- C:\WINDOWS\SYSWOW64\NetDriverInstall.dll
2020-02-14 00:27:53 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2020-02-14 00:27:53 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2020-02-14 00:27:53 ----A---- C:\WINDOWS\system32\wow64.dll
2020-02-14 00:27:53 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-02-14 00:27:53 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2020-02-14 00:27:52 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2020-02-14 00:27:52 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2020-02-14 00:27:52 ----A---- C:\WINDOWS\system32\netlogon.dll
2020-02-14 00:27:52 ----A---- C:\WINDOWS\system32\NetDriverInstall.dll
2020-02-14 00:27:50 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2020-02-14 00:27:50 ----A---- C:\WINDOWS\system32\KernelBase.dll
2020-02-14 00:27:50 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2020-02-14 00:27:50 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2020-02-14 00:27:50 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2020-02-14 00:27:49 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2020-02-14 00:27:48 ----A---- C:\WINDOWS\system32\wersvc.dll
2020-02-14 00:27:48 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2020-02-14 00:27:48 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-02-14 00:27:48 ----A---- C:\WINDOWS\system32\ntdll.dll
2020-02-14 00:27:48 ----A---- C:\WINDOWS\system32\hal.dll
2020-02-14 00:27:48 ----A---- C:\WINDOWS\system32\Faultrep.dll
2020-02-14 00:27:48 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2020-02-14 00:27:47 ----A---- C:\WINDOWS\system32\wermgr.exe
2020-02-14 00:27:47 ----A---- C:\WINDOWS\system32\WerFault.exe
2020-02-14 00:27:47 ----A---- C:\WINDOWS\system32\weretw.dll
2020-02-14 00:27:47 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2020-02-14 00:27:47 ----A---- C:\WINDOWS\system32\wer.dll
2020-02-14 00:27:47 ----A---- C:\WINDOWS\system32\utcutil.dll
2020-02-14 00:27:47 ----A---- C:\WINDOWS\system32\runexehelper.exe
2020-02-14 00:27:47 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2020-02-14 00:27:47 ----A---- C:\WINDOWS\system32\diagtrack.dll
2020-02-14 00:27:46 ----A---- C:\WINDOWS\system32\WinTypes.dll
2020-02-14 00:27:46 ----A---- C:\WINDOWS\system32\wincorlib.dll
2020-02-14 00:27:46 ----A---- C:\WINDOWS\system32\Websocket.dll
2020-02-14 00:27:46 ----A---- C:\WINDOWS\system32\webio.dll
2020-02-14 00:27:46 ----A---- C:\WINDOWS\system32\profsvc.dll
2020-02-14 00:27:46 ----A---- C:\WINDOWS\system32\lsasrv.dll
2020-02-14 00:27:46 ----A---- C:\WINDOWS\system32\logoncli.dll
2020-02-14 00:27:46 ----A---- C:\WINDOWS\system32\keyiso.dll
2020-02-14 00:27:46 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2020-02-14 00:27:46 ----A---- C:\WINDOWS\system32\drivers\http.sys
2020-02-14 00:27:45 ----A---- C:\WINDOWS\system32\twinui.dll
2020-02-14 00:27:45 ----A---- C:\WINDOWS\system32\twinapi.dll
2020-02-14 00:27:45 ----A---- C:\WINDOWS\system32\regapi.dll
2020-02-14 00:27:45 ----A---- C:\WINDOWS\system32\combase.dll
2020-02-14 00:27:45 ----A---- C:\WINDOWS\system32\ci.dll
2020-02-14 00:27:44 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2020-02-14 00:27:44 ----A---- C:\WINDOWS\system32\sppobjs.dll
2020-02-14 00:27:44 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2020-02-14 00:27:44 ----A---- C:\WINDOWS\system32\sppcext.dll
2020-02-14 00:27:44 ----A---- C:\WINDOWS\system32\pidgenx.dll
2020-02-14 00:27:44 ----A---- C:\WINDOWS\system32\msutb.dll
2020-02-14 00:27:43 ----A---- C:\WINDOWS\system32\sppsvc.exe
2020-02-14 00:27:42 ----A---- C:\WINDOWS\system32\wimserv.exe
2020-02-14 00:27:42 ----A---- C:\WINDOWS\system32\wimgapi.dll
2020-02-14 00:27:42 ----A---- C:\WINDOWS\system32\uDWM.dll
2020-02-14 00:27:42 ----A---- C:\WINDOWS\system32\shell32.dll
2020-02-14 00:27:42 ----A---- C:\WINDOWS\system32\dwmcore.dll
2020-02-14 00:27:42 ----A---- C:\WINDOWS\system32\drivers\wimmount.sys
2020-02-14 00:27:41 ----A---- C:\WINDOWS\system32\winresume.exe
2020-02-14 00:27:41 ----A---- C:\WINDOWS\system32\winload.exe
2020-02-14 00:27:40 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-02-14 00:27:40 ----A---- C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-02-14 00:27:40 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2020-02-14 00:27:40 ----A---- C:\WINDOWS\system32\invagent.dll
2020-02-14 00:27:40 ----A---- C:\WINDOWS\system32\appraiser.dll
2020-02-14 00:27:40 ----A---- C:\WINDOWS\system32\aeinv.dll
2020-02-14 00:27:40 ----A---- C:\WINDOWS\system32\acmigration.dll
2020-02-14 00:27:39 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2020-02-14 00:27:38 ----A---- C:\WINDOWS\system32\SecurityHealthSystray.exe
2020-02-14 00:27:38 ----A---- C:\WINDOWS\system32\SecurityHealthSSO.dll
2020-02-14 00:27:38 ----A---- C:\WINDOWS\system32\NotificationController.dll
2020-02-14 00:27:38 ----A---- C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-02-14 00:27:37 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2020-02-14 00:27:37 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2020-02-14 00:27:36 ----A---- C:\WINDOWS\system32\usosvc.dll
2020-02-14 00:27:36 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2020-02-14 00:27:36 ----A---- C:\WINDOWS\system32\UsoClient.exe
2020-02-14 00:27:36 ----A---- C:\WINDOWS\system32\usoapi.dll
2020-02-14 00:27:36 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-02-14 00:27:36 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2020-02-14 00:27:36 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2020-02-14 00:27:36 ----A---- C:\WINDOWS\system32\MusNotification.exe
2020-02-14 00:27:35 ----A---- C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-02-14 00:27:35 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2020-02-14 00:27:35 ----A---- C:\WINDOWS\system32\bindflt.dll
2020-02-14 00:27:34 ----A---- C:\WINDOWS\system32\win32u.dll
2020-02-14 00:27:34 ----A---- C:\WINDOWS\system32\win32kfull.sys
2020-02-14 00:27:34 ----A---- C:\WINDOWS\system32\win32k.sys
2020-02-14 00:27:34 ----A---- C:\WINDOWS\system32\user32.dll
2020-02-14 00:27:34 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2020-02-14 00:27:33 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2020-02-14 00:27:33 ----A---- C:\WINDOWS\system32\rdpbase.dll
2020-02-14 00:27:33 ----A---- C:\WINDOWS\system32\kerberos.dll
2020-02-14 00:27:33 ----A---- C:\WINDOWS\system32\BCP47mrm.dll
2020-02-14 00:27:33 ----A---- C:\WINDOWS\system32\BCP47Langs.dll
2020-02-14 00:27:32 ----A---- C:\WINDOWS\system32\Winlangdb.dll
2020-02-14 00:27:32 ----A---- C:\WINDOWS\system32\windows.storage.dll
2020-02-14 00:27:32 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2020-02-14 00:27:32 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-02-14 00:27:32 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-02-14 00:27:32 ----A---- C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-02-14 00:27:32 ----A---- C:\WINDOWS\system32\globinputhost.dll
2020-02-14 00:27:31 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-02-14 00:27:30 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2020-02-14 00:27:30 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-02-14 00:27:30 ----A---- C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-02-14 00:27:30 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2020-02-14 00:27:30 ----A---- C:\WINDOWS\system32\rdpsharercom.dll
2020-02-14 00:27:30 ----A---- C:\WINDOWS\system32\ISM.dll
2020-02-14 00:27:30 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2020-02-14 00:27:29 ----A---- C:\WINDOWS\system32\tquery.dll
2020-02-14 00:27:29 ----A---- C:\WINDOWS\system32\mssrch.dll
2020-02-14 00:27:29 ----A---- C:\WINDOWS\system32\mssprxy.dll
2020-02-14 00:27:29 ----A---- C:\WINDOWS\system32\InputService.dll
2020-02-14 00:27:29 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2020-02-14 00:27:28 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2020-02-14 00:27:28 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2020-02-14 00:27:28 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2020-02-14 00:27:28 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-02-14 00:27:28 ----A---- C:\WINDOWS\system32\mssvp.dll
2020-02-14 00:27:28 ----A---- C:\WINDOWS\system32\mssph.dll
2020-02-14 00:27:28 ----A---- C:\WINDOWS\system32\mssitlb.dll
2020-02-14 00:27:28 ----A---- C:\WINDOWS\system32\msscntrs.dll
2020-02-14 00:27:28 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2020-02-14 00:27:27 ----A---- C:\WINDOWS\system32\dosvc.dll
2020-02-14 00:27:23 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2020-02-14 00:27:23 ----A---- C:\WINDOWS\system32\bisrv.dll
2020-02-14 00:27:22 ----A---- C:\WINDOWS\system32\wups2.dll
2020-02-14 00:27:22 ----A---- C:\WINDOWS\system32\wuaueng.dll
2020-02-14 00:27:22 ----A---- C:\WINDOWS\system32\wuauclt.exe
2020-02-14 00:27:22 ----A---- C:\WINDOWS\system32\win32kbase.sys
2020-02-14 00:27:22 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-02-14 00:27:22 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2020-02-14 00:27:22 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2020-02-14 00:27:21 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-02-14 00:27:21 ----A---- C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-02-14 00:27:21 ----A---- C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2020-02-14 00:27:21 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2020-02-14 00:27:21 ----A---- C:\WINDOWS\system32\cloudAP.dll
2020-02-14 00:27:21 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2020-02-14 00:27:21 ----A---- C:\WINDOWS\system32\cdd.dll
2020-02-14 00:27:21 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2020-02-14 00:27:20 ----A---- C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2020-02-14 00:27:20 ----A---- C:\WINDOWS\system32\dstokenclean.exe
2020-02-14 00:27:20 ----A---- C:\WINDOWS\system32\dssvc.dll
2020-02-14 00:27:20 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2020-02-14 00:27:20 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2020-02-14 00:27:20 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-02-14 00:27:20 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-02-14 00:27:20 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-02-14 00:27:19 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-02-14 00:27:18 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-02-14 00:27:17 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-02-14 00:27:17 ----A---- C:\WINDOWS\system32\ReAgent.dll
2020-02-14 00:27:16 ----A---- C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-02-14 00:27:16 ----A---- C:\WINDOWS\system32\StartTileData.dll
2020-02-14 00:27:15 ----A---- C:\WINDOWS\system32\wifitask.exe
2020-02-14 00:27:15 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2020-02-14 00:27:15 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-02-14 00:27:15 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2020-02-14 00:27:15 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2020-02-14 00:27:15 ----A---- C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-02-14 00:27:15 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2020-02-14 00:27:15 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2020-02-14 00:27:15 ----A---- C:\WINDOWS\system32\audiodg.exe
2020-02-14 00:27:15 ----A---- C:\WINDOWS\explorer.exe
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\mciwave.dll
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\mciseq.dll
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\mcicda.dll
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\audiosrv.dll
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\AudioSes.dll
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\AudioEng.dll
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\ApplicationControlCSP.dll
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\agentactivationruntime.dll
2020-02-14 00:27:14 ----A---- C:\WINDOWS\system32\AarSvc.dll
2020-02-14 00:27:13 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2020-02-14 00:27:13 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2020-02-14 00:27:13 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2020-02-14 00:27:13 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2020-02-13 23:55:41 ----A---- C:\WINDOWS\system32\poqexec.exe
2020-02-13 23:55:39 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2020-02-08 18:27:00 ----A---- C:\WINDOWS\system32\drivers\fselms.sys
2020-02-08 18:26:54 ----A---- C:\WINDOWS\system32\drivers\fsbts.sys
2020-02-08 18:26:14 ----D---- C:\Program Files (x86)\F-Secure
2020-02-08 18:09:52 ----D---- C:\ProgramData\F-Secure

======List of files/folders modified in the last 1 month======

2020-03-05 14:12:20 ----D---- C:\WINDOWS\system32\drivers\etc
2020-03-05 14:12:11 ----D---- C:\WINDOWS\Prefetch
2020-03-05 14:12:04 ----RD---- C:\Program Files
2020-03-05 14:11:41 ----D---- C:\Users\Aky\AppData\Roaming\qBittorrent
2020-03-05 14:00:46 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-03-05 14:00:29 ----D---- C:\WINDOWS\Temp
2020-03-05 13:43:27 ----D---- C:\WINDOWS\system32\sru
2020-03-05 13:39:45 ----D---- C:\WINDOWS\system32\SleepStudy
2020-03-04 22:43:18 ----RD---- C:\WINDOWS\Microsoft.NET
2020-03-02 19:04:53 ----SHD---- C:\System Volume Information
2020-03-02 19:04:53 ----D---- C:\WINDOWS\system32\catroot2
2020-03-02 12:20:01 ----D---- C:\Program Files\Tom Clancy's Ghost Recon Wildlands
2020-03-01 23:09:03 ----D---- C:\ProgramData\NVIDIA
2020-03-01 12:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2020-02-28 00:08:01 ----HD---- C:\Program Files\WindowsApps
2020-02-28 00:07:48 ----D---- C:\WINDOWS\AppReadiness
2020-02-27 20:47:54 ----D---- C:\WINDOWS\System32
2020-02-27 20:47:54 ----D---- C:\WINDOWS\INF
2020-02-27 20:47:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-27 20:23:32 ----SHDC---- C:\WINDOWS\Installer
2020-02-27 20:21:42 ----D---- C:\Program Files (x86)\Microsoft Office
2020-02-27 20:16:51 ----D---- C:\WINDOWS\system32\Tasks
2020-02-27 20:12:06 ----D---- C:\WINDOWS\system32\CatRoot
2020-02-22 21:33:07 ----D---- C:\WINDOWS\Logs
2020-02-22 19:22:37 ----SD---- C:\Users\Aky\AppData\Roaming\Microsoft
2020-02-19 22:32:30 ----D---- C:\WINDOWS\system32\config
2020-02-18 23:29:30 ----D---- C:\WINDOWS\WinSxS
2020-02-14 23:43:40 ----D---- C:\WINDOWS\CbsTemp
2020-02-14 23:43:36 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2020-02-14 01:14:09 ----D---- C:\WINDOWS\SysWOW64
2020-02-14 01:13:22 ----D---- C:\WINDOWS\system32\DriverStore
2020-02-14 01:08:26 ----D---- C:\WINDOWS\SYSWOW64\oobe
2020-02-14 01:08:26 ----D---- C:\WINDOWS\SYSWOW64\migration
2020-02-14 01:08:26 ----D---- C:\WINDOWS\SYSWOW64\en-US
2020-02-14 01:08:26 ----D---- C:\WINDOWS\SYSWOW64\Dism
2020-02-14 01:08:25 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2020-02-14 01:08:21 ----D---- C:\WINDOWS\SystemResources
2020-02-14 01:08:16 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2020-02-14 01:08:16 ----D---- C:\WINDOWS\system32\wbem
2020-02-14 01:08:16 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2020-02-14 01:08:16 ----D---- C:\WINDOWS\system32\PerceptionSimulation
2020-02-14 01:08:16 ----D---- C:\WINDOWS\system32\oobe
2020-02-14 01:08:16 ----D---- C:\WINDOWS\system32\migration
2020-02-14 01:08:16 ----D---- C:\WINDOWS\system32\ja-jp
2020-02-14 01:08:16 ----D---- C:\WINDOWS\system32\fr-FR
2020-02-14 01:08:16 ----D---- C:\WINDOWS\system32\fr-CA
2020-02-14 01:08:16 ----D---- C:\WINDOWS\system32\en-US
2020-02-14 01:08:16 ----D---- C:\WINDOWS\system32\drivers\UMDF
2020-02-14 01:08:16 ----D---- C:\WINDOWS\system32\drivers
2020-02-14 01:08:15 ----D---- C:\WINDOWS\system32\Dism
2020-02-14 01:08:15 ----D---- C:\WINDOWS\system32\de-DE
2020-02-14 01:08:15 ----D---- C:\WINDOWS\system32\cs-CZ
2020-02-14 01:08:15 ----D---- C:\WINDOWS\system32\Boot
2020-02-14 01:08:02 ----RD---- C:\WINDOWS\PrintDialog
2020-02-14 01:08:02 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2020-02-14 01:08:02 ----D---- C:\WINDOWS\ShellExperiences
2020-02-14 01:08:02 ----D---- C:\WINDOWS\servicing
2020-02-14 01:08:02 ----D---- C:\WINDOWS\bcastdvr
2020-02-14 01:08:02 ----D---- C:\WINDOWS\apppatch
2020-02-14 01:08:02 ----D---- C:\Windows
2020-02-14 01:08:02 ----D---- C:\Program Files\Internet Explorer
2020-02-14 01:08:02 ----D---- C:\Program Files (x86)\Internet Explorer
2020-02-14 01:07:59 ----HD---- C:\ProgramData
2020-02-14 00:37:51 ----D---- C:\WINDOWS\system32\MRT
2020-02-14 00:37:47 ----AC---- C:\WINDOWS\system32\MRT.exe
2020-02-11 22:25:11 ----RSD---- C:\WINDOWS\assembly
2020-02-08 18:27:00 ----HD---- C:\WINDOWS\ELAMBKUP
2020-02-08 18:26:14 ----RD---- C:\Program Files (x86)
2020-02-08 18:20:26 ----D---- C:\Program Files\Common Files
2020-02-08 18:18:10 ----D---- C:\WINDOWS\twain_32
2020-02-08 18:18:09 ----SD---- C:\WINDOWS\system32\UNP
2020-02-08 18:12:51 ----N---- C:\WINDOWS\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fsbts;fsbts; C:\WINDOWS\system32\drivers\fsbts.sys [2020-02-08 57512]
R0 iaStorAC;@oem5.inf,%iaStorAC.DeviceDesc%;Intel(R) Chipset SATA/PCIe RST Premium Controller; C:\WINDOWS\System32\drivers\iaStorAC.sys [2018-04-05 906216]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2019-03-19 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 F-Secure UL HIPS;F-Secure Ultralight HIPS; \??\C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fshs.sys [2020-02-27 103048]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-12-11 457216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 ACPIVPC;@oem7.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2017-07-23 45040]
R3 BHTPCRDR;BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [2017-07-03 174960]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-02-14 117264]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-11-14 114688]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-03-19 133120]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-11-14 98304]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
R3 dtlitescsibus;@oem14.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2018-12-25 30264]
R3 dtliteusbbus;@oem30.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2018-12-25 47672]
R3 FBNetFilter;FBNetFilter; \??\C:\Windows\system32\Drivers\FBNetFlt.sys [2017-09-29 55256]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsulgk.sys [2020-02-27 290144]
R3 fsni;fsni; \??\C:\Program Files (x86)\F-Secure\SAFE\Ultralight\nif\1582124234\fsni64.sys [2020-02-19 111472]
R3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
R3 ibtusb;@oem3.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2017-07-19 129008]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igdkmd64.sys [2017-11-05 13422552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2018-10-18 6410288]
R3 IntcDAud;@oem11.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\System32\drivers\IntcDAud.sys [2017-11-05 831008]
R3 MEIx64;@oem8.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2018-05-06 228992]
R3 Netwtw06;___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit; C:\WINDOWS\System32\drivers\Netwtw06.sys [2019-03-19 8723968]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_d03cf07457eb2e04\nvlddmkm.sys [2018-08-02 17538080]
R3 nvvad_WaveExtensible;@oem31.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-07-26 48064]
R3 nvvhci;@oem1.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-07-26 57792]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
R3 rt640x64;@oem27.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-08-20 1009128]
R3 rtsuvc;@oem17.inf,%rtsuvc.DeviceDesc%;EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2017-10-15 3238368]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 fselms;F-Secure Early Launch Malware Scanner; C:\WINDOWS\system32\drivers\fselms.sys [2020-02-08 15296]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-03-19 151352]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-03-19 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-11-14 18432]
S3 ardrv;ardrv; \??\C:\Users\Default\AppData\Local\Temp\ardrv.sys [2020-02-08 18248]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-11 231936]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2019-11-14 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2019-11-14 1428992]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-09-11 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-10-12 64000]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-02-14 84496]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 iaStorA;Intel(R) Chipset SATA/PCIe RST Premium Controller; C:\WINDOWS\System32\drivers\iaStorA.sys [2017-09-22 905728]
S3 iaStorAfs;@oem5.inf,%iaStorAfs.DisplayName%;iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [2018-04-05 69096]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-14 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-07-26 30144]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-11 986936]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-03-19 33592]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_ec7de9;Uživatelská služba platformy připojených zařízení_ec7de9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2020-02-12 11096648]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHDCPSvc.exe [2017-11-05 469032]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 Dolby DAX2 API Service;Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [2018-09-25 189464]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2017-10-06 123392]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 fshoster;F-Secure Hoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [2019-11-01 216464]
R2 fsnethoster;F-Secure Hoster (Restricted); C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [2019-11-01 216464]
R2 fsulhoster;F-Secure Ultralight Hoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fshoster64.exe [2020-02-27 584776]
R2 fsulnethoster;F-Secure Ultralight Network Hoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fshoster64.exe [2020-02-27 584776]
R2 fsulorsp;F-Secure Ultralight ORSP Client; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsorsp64.exe [2020-02-27 101248]
R2 fsulprothoster;F-Secure Ultralight Protected Hoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsulprothoster.exe [2020-02-27 584776]
R2 ibtsiva;@oem3.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxCUIService.exe [2017-11-05 398376]
R2 ImControllerService;@oem16.inf,%ImcSvcDisplayName%;System Interface Foundation Service; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2019-09-23 77208]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2017-09-25 197264]
R2 LenovoVantageService;LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\LenovoVantageService.exe [2019-09-16 18200]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2017-09-25 419984]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-03-16 464456]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-09-02 449984]
R2 OneSyncSvc_ec7de9;Hostitel synchronizace_ec7de9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 PluginLoaderSvc;PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [2017-09-29 1016672]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2018-10-18 268336]
R3 BluetoothUserService_ec7de9;Služba pro podporu uživatelů Bluetooth_ec7de9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_ec7de9;Uživatelská služba schránky_ec7de9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHeciSvc.exe [2017-11-05 485928]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-12-17 3644008]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-08-03 43704]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 PimIndexMaintenanceSvc_ec7de9;Data kontaktů_ec7de9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2020-02-14 928120]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 bookingdesktopapp;bookingDesktopApp Update Service (bookingdesktopapp); C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2020-01-29 102400]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 Intel(R) TPM Provisioning Service;Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [2017-09-21 668472]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_ec7de9;Agent Activation Runtime_ec7de9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_ec7de9;Uživatelská služba pro GameDVR a vysílání her_ec7de9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 bookingdesktopappm;bookingDesktopApp Update Service (bookingdesktopappm); C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2020-01-29 102400]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_ec7de9;CaptureService_ec7de9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_ec7de9;ConsentUX_ec7de9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 CredentialEnrollmentManagerUserSvc_ec7de9;CredentialEnrollmentManagerUserSvc_ec7de9; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_ec7de9;DeviceAssociationBroker_ec7de9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_ec7de9;DevicePicker_ec7de9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_ec7de9;Tok zařízení_ec7de9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-09-11 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2019-03-27 1595400]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GameRecorderSVC;GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [2017-09-29 458592]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 iaStorAfsService;@oem5.inf,%iaStorAfsWindowsService.Name%;Intel(R) Optane(TM) Memory Service; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2018-04-05 2413024]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2017-09-21 742704]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_ec7de9;Služba zasílání zpráv_ec7de9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26 512960]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26 512960]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 214840]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_ec7de9;PrintWorkflow_ec7de9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 1264128]

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[r.o.s.t.a.c.k.a]

# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-06-2020
# Duration: 00:00:18
# OS: Windows 10 Home
# Scanned: 31902
# Detected: 29


***** [ Services ] *****

PUP.Optional.Legacy WCAssistantService

***** [ Folders ] *****

PUP.Optional.WebCompanion C:\Program Files (x86)\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
PUP.Optional.WebCompanion C:\Users\Aky\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_MRPQ523XMEO0CM2M0N5VJ25Z3NZKGEP4
PUP.Optional.WebCompanion C:\Users\Aky\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
PUP.Optional.WebCompanion C:\Users\Aky\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{dd125705-c7e7-470b-83e8-cb5a2f207ef6}|DisplayIcon
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{dd125705-c7e7-470b-83e8-cb5a2f207ef6}|DisplayName
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{dd125705-c7e7-470b-83e8-cb5a2f207ef6}|UninstallString
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\WebCompanion.exe
PUP.Optional.WebCompanion HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoIMController Folder C:\Program Files (x86)\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Program Files\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\Aky\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\drivers\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1


AdwCleaner[S00].txt - [4361 octets] - [05/03/2020 15:40:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

[Rudy]

Smažte nalezené položky a pak dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .

[r.o.s.t.a.c.k.a]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by Aky (08-03-2020 17:30:25)
Running from C:\Users\Aky\Desktop
Windows 10 Home Version 1903 18362.657 (X64) (2019-08-03 15:39:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2098762905-3211463788-3312216701-500 - Administrator - Disabled)
Aky (S-1-5-21-2098762905-3211463788-3312216701-1001 - Administrator - Enabled) => C:\Users\Aky
DefaultAccount (S-1-5-21-2098762905-3211463788-3312216701-503 - Limited - Disabled)
Guest (S-1-5-21-2098762905-3211463788-3312216701-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2098762905-3211463788-3312216701-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2098762905-3211463788-3312216701-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: F-Secure SAFE (Enabled - Up to date) {8AC831E5-DF57-0DC0-D07B-4DE1A5FFFD9A}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Assassin's Creed Odyssey (HKLM-x32\...\{B7EC622B-1979-450E-8281-C5648506DB83}_is1) (Version: - Ubisoft)
Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.8) (HKLM\...\E5372C32E8562C76C24DBA6525002B1031495F34) (Version: 06/09/2010 7.01.0.8 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (10/07/2010 4.6) (HKLM\...\6DA48AFDE796708D5A4C9121A83E7617A63A9A15) (Version: 10/07/2010 4.6 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Battlefield 1 (HKLM-x32\...\Battlefield 1_is1) (Version: 1.3.3 - EA DICE)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
Compiled Driver Disk (Android) 1.0 (HKLM\...\{759A91E8-0024-45F3-A8F3-CDC5E13B4425}_is1) (Version: 1.0.9.9 - COMPELSON Labs)
Compiled Driver Disk (Huawei) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811210}_is1) (Version: 1.0.9.8 - COMPELSON Labs)
Compiled Driver Disk (Nokia) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811205}_is1) (Version: 1.0.9.3 - COMPELSON Labs)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0677 - Disc Soft Ltd)
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
DraftSight 2018 SP0 x64 (HKLM\...\{99275069-64ED-476E-A87B-756DC6C8BA59}) (Version: 18.0.2051 - Dassault Systemes)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.4.0 - Ubisoft)
Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version: - Ubisoft)
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
F-Secure SAFE (HKLM-x32\...\{9DEBA07D-5FCD-42F8-88F7-0232DC284B47}) (Version: 17.7 - F-Secure Corporation)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
K-Lite Mega Codec Pack 14.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
Lenovo Entertainment Hub (HKLM-x32\...\{2994AD9D-6FB9-411E-9D88-C009DE04DC51}_is1) (Version: 1.3.28 - Beyond Media)
Lenovo Nerve Center Core Component (HKLM\...\{DCB4DFB5-93CA-4BDD-9D08-CE880626B46E}_is1) (Version: 3.0.14.13 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 2.5.47.0 - Lenovo Group Ltd.)
Metal Gear Solid V: The Phantom Pain (HKLM-x32\...\{48397BFF-7C01-4B64-8F1A-0D468DDE5D73}_is1) (Version: - Kojima Productions)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.12527.20242 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
MOBILedit Enterprise 9.0.1.21994 (HKLM-x32\...\{E7FA1F7A-A5E7-4D44-9B34-654F23A94E78}_is1) (Version: 9.0.1.21994 - COMPELSON Labs)
MOBILedit! Support Libraries (HKLM-x32\...\{9DF587A2-054C-46A2-9B1A-4A230F389E4B}) (Version: 12.0.0 - COMPELSON Labs)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
Multiecuscan (HKLM-x32\...\{51D649F1-29A9-4924-BF5F-6D907EF8C497}) (Version: 4.3 - FES Soft Ltd.)
Nokia Connectivity Cable Driver (HKLM-x32\...\{4216D328-0FE8-48B8-85B8-BD300E6F080F}) (Version: 7.1.36.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{F38FD0E4-B991-462B-873D-F2115EADD093}) (Version: 7.1.60.0 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.60.0 - Nokia)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 391.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.25 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.25 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.20194 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20194 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20242 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.20194 - Microsoft Corporation) Hidden
Opera Stable 66.0.3515.115 (HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\Opera 66.0.3515.115) (Version: 66.0.3515.115 - Opera Software)
Ovládací panel NVIDIA 391.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.25 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia)
Phone Drivers Downloader 1.1 (HKLM\...\{BDDB58A5-F98E-4D3C-B554-4A4D31C6D405}_is1) (Version: 1.1.0.0 - COMPELSON Labs)
qBittorrent 4.2.0 (HKLM-x32\...\qBittorrent) (Version: 4.2.0 - The qBittorrent project)
Room Arranger (32-bit) (HKLM-x32\...\Room Arranger) (Version: 9.5.5 - Jan Adamec)
Subnautica (HKLM-x32\...\Subnautica_is1) (Version: - )
Sweet Home 3D version 3.4 (HKLM-x32\...\Sweet Home 3D_is1) (Version: - eTeks)
Terminator: Resistance (HKLM-x32\...\Terminator: Resistance_is1) (Version: - )
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
Tom Clancy's Ghost Recon Wildlands (HKLM\...\Tom Clancys Ghost Recon Wildlands_is1) (Version: 1.0 - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-3) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\Wargaming.net Game Center) (Version: 19.9.2.8852 - Wargaming.net)
WhatsApp (HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\WhatsApp) (Version: 0.4.315 - WhatsApp)
World of Tanks EU (HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-29] (Microsoft Corporation)
Lenovo Nerve Center -> C:\Program Files\WindowsApps\E0469640.NerveCenter_3.0.14.0_x64__5grkq8ppsgwt4 [2018-12-25] (LENOVO INC)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2001.12.0_x64__k1h2ywk1493x8 [2020-02-28] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.4.0_x64__5grkq8ppsgwt4 [2020-01-02] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-12-25] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-28] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-07] (Microsoft Corporation) [MS Ad]
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [F-Secure DataGuard Icon Overlay] -> {CA789262-D278-40F7-AC12-19C0395F9DD9} => C:\Program Files (x86)\F-Secure\SAFE\FsShellExtension64.dll [2019-11-01] (F-Secure Corporation -> F-Secure Corporation)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxDTCM.dll [2017-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Aky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Multiecuscan\Multiecuscan Web Site.lnk -> hxxp://www.multiecuscan.net

==================== Loaded Modules (Whitelisted) =============

2020-03-05 13:43 - 2019-05-28 14:06 - 001021440 _____ () [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2020-01-29 23:49 - 2020-01-29 23:49 - 001743360 ____T (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\bookingDesktopApppdate.dll
2010-12-09 12:20 - 2010-12-09 12:20 - 000027136 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
2010-10-18 12:57 - 2010-10-18 12:57 - 001355264 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2010-11-01 14:58 - 2010-11-01 14:58 - 000908288 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PhoneBrowser64.dll
2008-08-25 07:23 - 2008-08-25 07:23 - 000573440 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
2019-08-03 16:07 - 2018-03-16 08:47 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2019-11-29 20:30 - 2019-10-27 05:36 - 001261568 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2017-10-06 15:40 - 2017-10-06 15:40 - 005584896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Dassault Systemes\DraftSight\bin\Qt5Core.dll
2017-10-06 15:40 - 2017-10-06 15:40 - 001065472 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Dassault Systemes\DraftSight\bin\Qt5Network.dll
2017-10-06 15:40 - 2017-10-06 15:40 - 000193536 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Dassault Systemes\DraftSight\bin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2020-03-05 14:12 - 000000832 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{2D4206B4-6B9E-435A-BF33-AA8055874AB3}C:\hry\far cry 4\bin\farcry4.exe] => (Block) C:\hry\far cry 4\bin\farcry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{9958A575-D3D3-446D-94B7-3693B7E9E686}C:\hry\far cry 4\bin\farcry4.exe] => (Block) C:\hry\far cry 4\bin\farcry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{EEE96394-C22A-4B7D-B9C6-3D6A42016BD4}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{9A04EC5E-CEC0-4A0F-A495-64A94B00BB7F}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{494DB77A-8EB6-48A8-A313-231C14A5EDF4}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E9E3870D-D6B0-4A3D-9E78-90E9654B0FAA}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{6504C755-56CA-4762-A1F1-0A41352E281E}C:\program files (x86)\ea dice\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\ea dice\battlefield 1\bf1.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [TCP Query User{818A3ABB-A5BF-467B-9EC3-6029FD9EC03B}C:\program files (x86)\ea dice\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\ea dice\battlefield 1\bf1.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [UDP Query User{D4D2C03E-895E-4DB1-AD2B-E157E77C4312}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{DD5FD940-C670-4081-B8FB-57ABF9587E4D}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{E62A5BD5-D27D-4580-A51F-AA86A6B53238}C:\games\subnautica\subnautica.exe] => (Allow) C:\games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [TCP Query User{6BFD93A5-7BC5-45D6-A084-C7F116BA7872}C:\games\subnautica\subnautica.exe] => (Allow) C:\games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [UDP Query User{7E74FB5C-E759-4BC6-A0D8-37B97648694E}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{318215DB-FC06-4EFC-854A-3002A0F90B11}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{12C9CFF6-D51E-4C13-BFEF-492BAC789F37}C:\hry\dying light\dyinglightgame.exe] => (Allow) C:\hry\dying light\dyinglightgame.exe No File
FirewallRules: [TCP Query User{59A2D4F8-EC5B-4FC8-9C7E-719849011EAA}C:\hry\dying light\dyinglightgame.exe] => (Allow) C:\hry\dying light\dyinglightgame.exe No File
FirewallRules: [UDP Query User{637270BD-1C44-4094-85B4-1D1DA031B201}C:\users\aky\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\aky\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [TCP Query User{261167CD-B522-4563-8D74-311E31BFBAA0}C:\users\aky\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\aky\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [TCP Query User{E62E11B0-A8F0-458D-B7A8-70AE811C8125}C:\hry\far cry 4\bin\ige_wpf64.exe] => (Block) C:\hry\far cry 4\bin\ige_wpf64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [UDP Query User{A45BDCEF-2BAB-4C37-84DC-2A819E4F9F6B}C:\hry\far cry 4\bin\ige_wpf64.exe] => (Block) C:\hry\far cry 4\bin\ige_wpf64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{01CA3DB7-ECBA-4595-B6BD-9F446E9EA319}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{18EAF168-C3C8-4722-A4C1-00CD4070EE4A}C:\users\aky\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\aky\appdata\local\programs\opera\65.0.3467.48\opera.exe No File
FirewallRules: [UDP Query User{3B957BA5-8C2D-4390-83AC-59708955212C}C:\users\aky\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\aky\appdata\local\programs\opera\65.0.3467.48\opera.exe No File
FirewallRules: [{6F593A99-2B58-4202-8ADD-352C4403D23E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{65A60204-D59F-4F72-BB75-CF397DB35799}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{82E095A3-C144-4345-A080-ADDED3D0137F}C:\program files (x86)\ea dice\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\ea dice\battlefield 1\bf1.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [UDP Query User{B54B7155-F6D2-42A2-B8E9-03A5820996A2}C:\program files (x86)\ea dice\battlefield 1\bf1.exe] => (Allow) C:\program files (x86)\ea dice\battlefield 1\bf1.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [TCP Query User{3F392ED2-4FE4-44E5-9E5A-7CB6A055E664}C:\users\aky\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\aky\appdata\local\programs\opera\65.0.3467.78\opera.exe No File
FirewallRules: [UDP Query User{283B4A57-626E-4833-94E5-ACFC015E68EE}C:\users\aky\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\aky\appdata\local\programs\opera\65.0.3467.78\opera.exe No File
FirewallRules: [TCP Query User{7DD92563-D803-43A2-AF66-6DE7CBD8FE54}C:\hry\far cry 4\bin\farcry4.exe] => (Allow) C:\hry\far cry 4\bin\farcry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{BBE214A3-9C89-4849-BE27-6C775845EF4D}C:\hry\far cry 4\bin\farcry4.exe] => (Allow) C:\hry\far cry 4\bin\farcry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{F70E989B-A014-4903-B5AF-309897FED1D3}C:\program files\tom clancy's ghost recon wildlands\grw.exe] => (Allow) C:\program files\tom clancy's ghost recon wildlands\grw.exe (Blue Byte GmbH -> )
FirewallRules: [UDP Query User{BF572939-5817-4461-9D49-240937E688B5}C:\program files\tom clancy's ghost recon wildlands\grw.exe] => (Allow) C:\program files\tom clancy's ghost recon wildlands\grw.exe (Blue Byte GmbH -> )
FirewallRules: [TCP Query User{E7856E35-5440-4DB3-B106-EC0B9AA7D4D6}C:\users\aky\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\aky\appdata\local\programs\opera\66.0.3515.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{0B01F979-6EF8-4618-B25A-16D893A23CAA}C:\users\aky\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\aky\appdata\local\programs\opera\66.0.3515.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{9CB2CEC8-CBD6-49EE-8F68-8AB54CB4FFAB}C:\users\aky\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Block) C:\users\aky\appdata\local\programs\opera\66.0.3515.115\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{D5E51ED3-2765-4901-A5C4-03B87BA8BC8E}C:\users\aky\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Block) C:\users\aky\appdata\local\programs\opera\66.0.3515.115\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

13-02-2020 22:18:04 Naplánovaný kontrolní bod
22-02-2020 21:28:57 Naplánovaný kontrolní bod
02-03-2020 19:04:11 Naplánovaný kontrolní bod
06-03-2020 23:01:29 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/08/2020 05:31:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5380,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/08/2020 05:16:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10760,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/08/2020 12:57:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6076,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/08/2020 12:48:08 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9540,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/07/2020 12:34:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12412,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/06/2020 11:32:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16948,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/06/2020 11:10:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8528,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/06/2020 07:25:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17052,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (03/08/2020 05:32:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (03/08/2020 05:23:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/08/2020 05:19:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv06.dll

Error: (03/08/2020 05:19:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv06.dll

Error: (03/08/2020 05:19:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba Windows Media Player Network Sharing závisí na službě Windows Search, která neuspěla při spuštění v důsledku následující chyby:
Služba nebyla spuštěna.

Error: (03/08/2020 05:19:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv06.dll

Error: (03/08/2020 05:19:03 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-RU4N1R90)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/08/2020 05:19:03 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-RU4N1R90)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================

Date: 2020-03-08 17:24:48.464
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-08 17:24:36.446
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-08 17:24:36.332
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-08 17:24:36.297
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-08 17:24:36.109
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-08 17:24:36.088
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-08 17:24:35.936
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-08 17:24:35.514
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: LENOVO 4KCN40WW 10/17/2017
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 40%
Total physical RAM: 8084.16 MB
Available physical RAM: 4806.5 MB
Total Virtual: 10260.16 MB
Available Virtual: 5833.82 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1836.77 GB) (Free:550.61 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:11.21 GB) NTFS

\\?\Volume{5570ed7b-9451-47e2-9b9e-06d0610f45cb}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{cee628d1-14a6-4ee2-a5ed-5b5711e4b585}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 45167814)

Partition: GPT.

==================== End of Addition.txt =======================

[r.o.s.t.a.c.k.a]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2020
Ran by Aky (administrator) on LAPTOP-RU4N1R90 (LENOVO 80WK) (08-03-2020 17:25:58)
Running from C:\Users\Aky\Desktop
Loaded Profiles: Aky (Available Profiles: Aky)
Platform: Windows 10 Home Version 1903 18362.657 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(Dassault Systèmes) [File not signed] C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fshoster64.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fshoster64.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsorsp64.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsulprothoster.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\HotkeyMonitor.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.4.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.135.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MpCmdRun.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NerveCenterTray] => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe [258400 2017-09-29] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1922496 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\Run: [Opera Browser Assistant] => C:\Users\Aky\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3024408 2020-03-03] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {0ff919d3-084d-11e9-9304-e470b83cc642} - "E:\setup.exe"
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {8ec32b28-0447-11ea-932d-e470b83cc642} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {f44f357f-0867-11e9-9307-e470b83cc642} - "F:\OriginSetup.exe"
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {f44f360e-0867-11e9-9307-e470b83cc642} - "G:\setup.exe"
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {f44f3a39-0867-11e9-9307-e470b83cc642} - "H:\stp-grw.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03EF1789-21C3-4E0C-BBBC-0D2388CF4960} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\50c5bd8a-308f-4628-827c-0e07590d3b85 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {1EFAC444-9CC9-4095-B417-DC68875A9DA0} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-01-29] (bookingDesktopApp.) [File not signed]
Task: {2E32AD5C-FA90-4747-BF7A-4162F0068ECD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2E80D12E-F4D6-43D8-9C5C-49ADF917E1DA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-02-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {2EEFF8C1-A5F1-4CB1-8ECB-629162755249} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1714112 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {348CC71D-E0CA-4082-AAB4-21962E20D99D} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-01-29] (bookingDesktopApp.) [File not signed]
Task: {353230D1-0DA5-4FAE-ACE6-C3B7D027716C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3A101875-1146-47E4-9859-E6A851038812} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436672 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F9CDDE6-49B7-49B4-8483-6F8147BBAB1F} - System32\Tasks\NerveCenterUpdate => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe [756064 2017-09-29] (LENOVO -> Lenovo(beijing) Limited)
Task: {43407554-63D9-4128-BE74-E08365D79113} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {454F9F3D-E176-4DAD-9401-CA7CA6DDFBA2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [647616 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4C86C1A0-7501-48D8-ACE9-C7E9A90A1F04} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => "%windir%\system32\WindowsPowerShell\v1.0\PowerShell.exe" "powershell -executionpolicy bypass -file %ProgramData%\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\data\Maintenance.ps1"
Task: {57990EC6-F2B7-477D-B406-82FD859963F6} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {6A781A23-8286-4C39-93B1-F404CD22953D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {75514216-EEBC-4A74-899D-5E10B06CE843} - System32\Tasks\Aky => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Aky /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== ATTENTION
Task: {771D6D9B-A332-4E28-ADF0-13A8BA4F1235} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\F-Secure\SAFE\fs_hotfix.exe [280464 2019-11-01] (F-Secure Corporation -> F-Secure Corporation)
Task: {78A49EA2-D079-4937-AC6F-B8FEAAF1BA65} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9a3f2add-6419-49b2-a53e-0f83f47425f9 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {8AE6A5F4-F152-4EBA-BA15-366C2DD2164A} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {98A18D0B-A5F7-4E00-AEA6-35484D32CD8B} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {9F9D8030-899F-4F96-95BC-CD0C0D8751BB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946112 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A22D064D-C545-4FAB-B90D-E4732DB92CDE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115240 2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {AFC181D5-7FE1-4678-8E51-A3A8836561BC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [647616 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B17ECFDD-B7CB-4965-A0F5-3D866D509722} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54144 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {C667323D-27CE-4114-BD6D-AD9E3D299320} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ebdc6ce7-1149-4f36-a2ef-9f4ceb2c5399 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {D2F3E114-17D2-406F-A6EA-EF26BCAC2BD8} - System32\Tasks\Opera scheduled assistant Autoupdate 1582831009 => C:\Users\Aky\AppData\Local\Programs\Opera\launcher.exe [1532952 2020-02-24] (Opera Software AS -> Opera Software)
Task: {E1135CD6-9FE3-4999-9882-A2C182F43A32} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-02-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {E37F7192-2277-4CC2-890C-32AAB5DD8308} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e6cbc50a-d9cc-4ea9-9f61-38b391b38ef1 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {E80DF71D-C85E-4FAA-A46E-D71A083A4B29} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {ED576FE9-FC68-4287-8BD3-849FCE324090} - System32\Tasks\Opera scheduled Autoupdate 1545689848 => C:\Users\Aky\AppData\Local\Programs\Opera\launcher.exe [1532952 2020-02-24] (Opera Software AS -> Opera Software)
Task: {F8FA12ED-5D74-4B30-9816-8CBA49594805} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115240 2020-03-06] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2e367dee-cb7c-4fbe-b46b-79e7f3db05db}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fe51a19c-81cf-4c5d-8276-fc30223cc02e}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-2098762905-3211463788-3312216701-1001 -> DefaultScope {898B8E4C-D7DF-41D0-8BE2-A9AE8BE39E49} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\Ultralight\nif\1582124234\browser\install\fs_ie_https\fs_ie_https64.dll [2020-02-19] (F-Secure Corporation -> F-Secure Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\Ultralight\nif\1582124234\browser\install\fs_ie_https\fs_ie_https.dll [2020-02-19] (F-Secure Corporation -> F-Secure Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Notifications: HKU\S-1-5-21-2098762905-3211463788-3312216701-1001 -> hxxps://www.topserialy.to

FireFox:
========
FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\nif\1582124234\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\nif\1582124234\browser\install\fs_firefox_https\fs_firefox_https.xpi [2020-02-19]
FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\nif\1582124234\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-01-29] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-01-29] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-16] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-16] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-01-29] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-01-29] (bookingDesktopApp.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-02-29] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3644008 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2017-10-06] (Dassault Systèmes) [File not signed]
R2 fshoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [216464 2019-11-01] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [216464 2019-11-01] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fshoster64.exe [584776 2020-02-27] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulnethoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fshoster64.exe [584776 2020-02-27] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsorsp64.exe [101248 2020-02-27] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsulprothoster.exe [584776 2020-02-27] (F-Secure Corporation -> F-Secure Corporation)
S3 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [458592 2017-09-29] (LENOVO -> Lenovo(beijing) Limited)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2413024 2018-04-05] (Intel Corporation -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515232 2017-07-19] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-09-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\LenovoVantageService.exe [18200 2019-09-16] (Lenovo -> Lenovo Group Ltd.)
R2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [1016672 2017-09-29] (LENOVO -> Lenovo(beijing) Limited)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [291496 2018-01-29] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ardrv; C:\Users\Default\AppData\Local\Temp\ardrv.sys [18248 2020-02-08] (OPSWAT, Inc. -> OPSWAT, Inc.) <==== ATTENTION
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [174960 2017-07-03] (BayHub Technology Inc. -> BayHubTech/O2Micro )
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-12-25] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-12-25] (Disc Soft Ltd -> Disc Soft Ltd)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fsulgk.sys [290144 2020-02-27] (F-Secure Corporation -> F-Secure Corporation)
R1 F-Secure UL HIPS; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1582649652\fshs.sys [103048 2020-02-27] (F-Secure Corporation -> F-Secure Corporation)
S3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [55256 2017-09-29] (Lenovo (Beijing) Co., Ltd. -> Lenovo(beijing) Limited)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [57512 2020-02-08] (F-Secure Corporation -> )
S0 fselms; C:\WINDOWS\System32\drivers\fselms.sys [15296 2020-02-08] (Microsoft Windows Early Launch Anti-malware Publisher -> F-Secure Corporation)
R3 fsni; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\nif\1582124234\fsni64.sys [111472 2020-02-19] (F-Secure Corporation -> F-Secure Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [906216 2018-04-05] (Intel Corporation -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [69096 2018-04-05] (Intel Corporation -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [207384 2018-07-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8723968 2019-03-19] (Microsoft Windows -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_d03cf07457eb2e04\nvlddmkm.sys [17538080 2018-08-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [25600 2008-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1009128 2017-08-20] (Realtek Semiconductor Corp. -> Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3238368 2017-10-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55976 2018-01-29] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-08-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344288 2019-08-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-08 17:25 - 2020-03-08 17:28 - 000029059 _____ C:\Users\Aky\Desktop\FRST.txt
2020-03-08 17:24 - 2020-03-08 17:24 - 002279936 _____ (Farbar) C:\Users\Aky\Desktop\FRST64.exe
2020-03-06 19:37 - 2020-03-06 19:56 - 1412177920 _____ C:\Users\Aky\Downloads\Zemrit mladi - We.Die.Young.2019.480p.BluRay.CZ.dabing.avi
2020-03-06 19:37 - 2020-03-06 19:37 - 000013897 _____ C:\Users\Aky\Downloads\[CzT]Zemrit_mladi_We_Die_Young_2019_CZ_.torrent
2020-03-06 19:34 - 2020-03-06 19:53 - 1149219176 _____ C:\Users\Aky\Downloads\Dobrodruh Flynn 2018 CZ.mkv
2020-03-06 19:34 - 2020-03-06 19:34 - 000088072 _____ C:\Users\Aky\Downloads\[CzT]Dobrodruh_Flynn_In_Like_Flynn_2018_CZ_.torrent
2020-03-06 19:33 - 2020-03-06 19:53 - 1612036096 _____ C:\Users\Aky\Downloads\Black and Blue.avi
2020-03-06 19:33 - 2020-03-06 19:33 - 000015757 _____ C:\Users\Aky\Downloads\[CzT]Black_and_Blue_2019_CZ_WebRip_.torrent
2020-03-06 19:29 - 2020-03-06 19:50 - 000000000 ____D C:\Users\Aky\Downloads\Krvava nevesta-Ready.or.Not.2019.CZ.BRRip.XViD.DD5.1-BST
2020-03-06 19:28 - 2020-03-06 19:28 - 000017464 _____ C:\Users\Aky\Downloads\[CzT]Krvava_nevesta_Ready_or_Not_2019_CZ_.torrent
2020-03-06 17:59 - 2020-03-06 17:59 - 008063696 _____ C:\Users\Aky\Desktop\citroen-c4-picasso.pdf
2020-03-06 15:56 - 2020-03-06 16:02 - 1253176342 _____ C:\Users\Aky\Downloads\Trojitá hrozba 2019 CZ DABING.avi
2020-03-06 15:44 - 2020-03-06 15:44 - 000012354 _____ C:\Users\Aky\Downloads\[CzT]Trojita_hrozba_Triple_Threat_2019_CZ_TvRip_720p_.torrent
2020-03-06 15:40 - 2020-03-06 16:02 - 1517280794 _____ C:\Users\Aky\Downloads\To poslední, co chtěl 2020 CZ.avi
2020-03-06 15:39 - 2020-03-06 15:39 - 000014874 _____ C:\Users\Aky\Downloads\[CzT]To_posledni_co_chtel_The_Last_Thing_He_Wanted_2020_CZ_WebRip_.torrent
2020-03-06 15:36 - 2020-03-06 15:56 - 1804095488 _____ C:\Users\Aky\Downloads\Charlieho andílci Charlie's.Angels.2019.480p.WEBRip.CZ.dabing.avi
2020-03-06 15:36 - 2020-03-06 15:36 - 000017645 _____ C:\Users\Aky\Downloads\[CzT]Charlieho_andilci_Charlie_s_Angels_2019_CZ_WebRip_.torrent
2020-03-06 15:35 - 2020-03-06 15:55 - 1781393744 _____ C:\Users\Aky\Downloads\Terminátor Temný osud.mkv
2020-03-06 15:35 - 2020-03-06 15:35 - 000017386 _____ C:\Users\Aky\Downloads\[CzT]Terminator_Temny_osud_Terminator_Dark_Fate_2019_CZ_.torrent
2020-03-05 20:20 - 2020-03-08 17:26 - 000000000 ____D C:\Users\Aky\Downloads\opera autoupdate
2020-03-05 17:36 - 2020-03-05 17:36 - 000028481 _____ C:\Users\Aky\Downloads\[CzT]Jak_vycvicit_draky_Dragons_Riders_of_Berk_2_serie_CZ_TvRip_.torrent
2020-03-05 17:35 - 2020-03-05 17:36 - 000000000 ____D C:\Users\Aky\Downloads\Jak vycvičit draky (Dragon, Riders of Berk)
2020-03-05 17:35 - 2020-03-05 17:35 - 000028754 _____ C:\Users\Aky\Downloads\[CzT]Jak_vycvicit_draky_Dragons_Riders_of_Berk_1_serie_CZ_TVRip_.torrent
2020-03-05 15:39 - 2020-03-08 17:18 - 000000000 ____D C:\AdwCleaner
2020-03-05 15:38 - 2020-03-05 15:38 - 008199856 _____ (Malwarebytes) C:\Users\Aky\Desktop\adwcleaner_8.0.3.exe
2020-03-05 14:12 - 2020-03-05 14:12 - 000000000 ____D C:\rsit
2020-03-05 14:12 - 2020-03-05 14:12 - 000000000 ____D C:\Program Files\trend micro
2020-03-05 14:11 - 2020-03-05 14:11 - 001222144 _____ C:\Users\Aky\Desktop\RSITx64.exe
2020-03-05 13:43 - 2020-03-05 13:44 - 000000000 ____D C:\Břicháč tom
2020-03-02 18:40 - 2020-03-02 18:54 - 000000000 ____D C:\Users\Aky\Desktop\MANDA
2020-03-02 18:27 - 2020-03-04 10:23 - 000000000 ____D C:\Users\Aky\Desktop\Nová složka
2020-02-27 20:48 - 2020-02-27 20:48 - 000000000 ____D C:\Users\Aky\opera autoupdate
2020-02-27 20:16 - 2020-03-05 20:20 - 000004440 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582831009
2020-02-27 20:15 - 2020-02-27 20:23 - 1533153101 _____ C:\Users\Aky\Downloads\Kin.2018.480p.CZ.mkv
2020-02-22 21:02 - 2020-02-22 21:12 - 1945151437 _____ C:\Users\Aky\Downloads\Zloba Královna všeho zlého 2019 (CZ dab.).mkv
2020-02-15 19:12 - 2020-02-15 20:26 - 1122191678 _____ C:\Users\Aky\Downloads\Alenka v zemi zázraků 2018 CZ DABING.avi
2020-02-15 18:55 - 2020-02-15 19:12 - 1816457276 _____ C:\Users\Aky\Downloads\Alice.Through.the.Looking.Glass.2016.BDRip.x264.CZ-PiRaTE.mkv
2020-02-14 01:14 - 2020-02-03 21:56 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-02-14 01:14 - 2020-02-03 21:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-02-14 01:07 - 2020-02-14 01:07 - 000000000 ____D C:\ProgramData\ssh
2020-02-14 00:29 - 2020-02-14 00:29 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 019813376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 005502464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-02-14 00:29 - 2020-02-14 00:29 - 004308480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-02-14 00:29 - 2020-02-14 00:29 - 002493720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 002314952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 001541632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-02-14 00:29 - 2020-02-14 00:29 - 001417760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 001272360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 001105776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-02-14 00:29 - 2020-02-14 00:29 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-02-14 00:28 - 2020-02-14 00:29 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 018026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 006519752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 006284800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 005912064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 004856832 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 004575232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 004348616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 003967888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 003820032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 003484672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-02-14 00:28 - 2020-02-14 00:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-02-14 00:28 - 2020-02-14 00:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-02-14 00:28 - 2020-02-14 00:28 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 002260176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 002230232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 002225160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 002032128 _____ C:\WINDOWS\system32\rdpnano.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001693184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001664680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001489064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001283592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-02-14 00:28 - 2020-02-14 00:28 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001218120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001077264 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000904504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000805376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000774664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000597816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000568120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000542288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-02-14 00:28 - 2020-02-14 00:28 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000453432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000441072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-02-14 00:28 - 2020-02-14 00:28 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000405632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000366416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-02-14 00:28 - 2020-02-14 00:28 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000300392 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000274464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-02-14 00:28 - 2020-02-14 00:28 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\recdisc.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000190256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-02-14 00:28 - 2020-02-14 00:28 - 000186880 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000150536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000133464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-02-14 00:28 - 2020-02-14 00:28 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000059221 _____ C:\WINDOWS\system32\srms.dat
2020-02-14 00:28 - 2020-02-14 00:28 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000042512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Websocket.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-02-14 00:28 - 2020-02-14 00:28 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-02-14 00:28 - 2020-02-14 00:28 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2020-02-14 00:28 - 2020-02-14 00:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-02-14 00:28 - 2020-02-14 00:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-02-14 00:28 - 2020-02-14 00:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-02-14 00:28 - 2020-02-14 00:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-02-14 00:28 - 2020-02-14 00:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-02-14 00:28 - 2020-02-14 00:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-02-14 00:28 - 2020-02-14 00:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-02-14 00:28 - 2020-02-14 00:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-02-14 00:28 - 2020-02-14 00:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-02-14 00:28 - 2020-02-14 00:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-02-14 00:28 - 2020-02-14 00:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-02-14 00:28 - 2020-02-14 00:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-02-14 00:27 - 2020-02-14 00:28 - 000375504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 009929016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 007905208 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 006231200 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 006167552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 004615376 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 004562896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 004470784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 003792384 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 003550208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 003372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 003110400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 002988552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 002773776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 002766088 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 002714624 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 002125904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 002084576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 002071552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001916744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001858560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-02-14 00:27 - 2020-02-14 00:27 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-02-14 00:27 - 2020-02-14 00:27 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 001182232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001154448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001149928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001051448 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000928120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000891736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000875448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000857088 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-02-14 00:27 - 2020-02-14 00:27 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000824848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000804872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000758800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000732200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000678928 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000642008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000587064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000516648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-02-14 00:27 - 2020-02-14 00:27 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000459896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000437776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000416056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000369504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000335448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000324616 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000311096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000296760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000259984 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000194064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000186672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000179720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000143160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000132624 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000128528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000117264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000106808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSystray.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcicda.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Websocket.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcicda.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000037392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2020-02-14 00:27 - 2020-02-14 00:27 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciseq.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciseq.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-02-14 00:27 - 2020-02-14 00:27 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-02-14 00:27 - 2020-02-14 00:27 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2020-02-13 23:55 - 2020-02-13 23:55 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-02-13 23:55 - 2020-02-13 23:55 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-02-13 20:34 - 2020-02-15 22:20 - 736442368 _____ C:\Users\Aky\Downloads\Alex Cross.avi
2020-02-09 14:02 - 2020-02-13 23:53 - 688370556 _____ C:\Users\Aky\Downloads\V mysli vraha.2015.BluRay.720p.x264CZ_SK_EN-DTS.mkv
2020-02-09 11:25 - 2020-02-09 11:27 - 000000000 ____D C:\Users\Aky\Downloads\Hannibal - 1 - 3 - Komplet kolekce - 1080p (CZ)
2020-02-08 18:27 - 2020-02-08 18:26 - 000015296 _____ (F-Secure Corporation) C:\WINDOWS\system32\Drivers\fselms.sys
2020-02-08 18:26 - 2020-02-08 18:26 - 000057512 _____ C:\WINDOWS\system32\Drivers\fsbts.sys
2020-02-08 18:26 - 2020-02-08 18:26 - 000002024 _____ C:\Users\Public\Desktop\F-Secure SAFE.lnk
2020-02-08 18:26 - 2020-02-08 18:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\F-Secure
2020-02-08 18:26 - 2020-02-08 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure
2020-02-08 18:26 - 2020-02-08 18:26 - 000000000 ____D C:\Program Files (x86)\F-Secure
2020-02-08 18:16 - 2020-02-08 18:16 - 000000000 ____D C:\Users\Default\AppData\Roaming\Opera Software
2020-02-08 18:16 - 2020-02-08 18:16 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Opera Software
2020-02-08 18:09 - 2020-02-09 11:21 - 000000000 ____D C:\Users\Aky\AppData\Local\F-Secure
2020-02-08 18:09 - 2020-02-08 18:27 - 000000000 ____D C:\ProgramData\F-Secure
2020-02-08 18:08 - 2020-02-08 18:08 - 001796992 ____N (F-Secure Corporation) C:\Users\Aky\Desktop\F-Secure-Safe-Network-Installer_3yfoq215o1bas_.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-08 17:27 - 2019-01-26 20:15 - 000000000 ____D C:\FRST
2020-03-08 17:24 - 2019-08-03 16:23 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-08 17:24 - 2019-03-19 12:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-03-08 17:24 - 2019-03-19 12:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-03-08 17:24 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-03-08 17:22 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-08 17:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-03-08 17:21 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-08 17:21 - 2018-12-25 15:06 - 000000000 __SHD C:\Users\Aky\IntelGraphicsProfiles
2020-03-08 17:20 - 2019-08-03 16:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-03-08 17:20 - 2017-12-24 15:19 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-08 17:19 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-03-08 17:18 - 2018-12-24 23:27 - 000000000 ____D C:\Users\Aky\AppData\Roaming\Lavasoft
2020-03-08 17:18 - 2018-12-24 23:27 - 000000000 ____D C:\Users\Aky\AppData\Local\Lavasoft
2020-03-08 17:18 - 2018-12-24 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-03-08 17:18 - 2018-12-24 23:27 - 000000000 ____D C:\ProgramData\Lavasoft
2020-03-08 17:18 - 2018-12-24 23:27 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-03-08 17:12 - 2019-12-07 21:57 - 000000000 ____D C:\Users\Aky\AppData\Roaming\qBittorrent
2020-03-08 17:11 - 2019-08-03 16:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-03-06 23:03 - 2017-12-24 14:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-03-05 20:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-03-05 14:07 - 2019-02-16 13:49 - 000000000 ____D C:\Users\Aky\Downloads\cpy-mgs5tpp
2020-03-02 18:33 - 2019-12-26 20:39 - 000000000 ____D C:\Users\Aky\Downloads\Na špatné straně 2018 CZ
2020-03-02 18:27 - 2019-01-01 18:33 - 000000000 ____D C:\Users\Aky\Downloads\Equalizer 2 CZ
2020-03-02 12:20 - 2019-12-28 21:20 - 000000000 ____D C:\Program Files\Tom Clancy's Ghost Recon Wildlands
2020-03-01 20:09 - 2019-08-03 16:13 - 000000000 ____D C:\Users\Aky
2020-03-01 20:01 - 2019-08-03 16:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2020-03-01 11:09 - 2018-12-24 23:25 - 000000000 ____D C:\Users\Aky\AppData\Local\CrashDumps
2020-02-28 00:07 - 2018-12-25 15:06 - 000000000 ____D C:\Users\Aky\AppData\Local\Packages
2020-02-27 20:16 - 2019-08-03 16:38 - 000004190 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1545689848
2020-02-27 20:16 - 2018-12-24 23:17 - 000001450 _____ C:\Users\Aky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2020-02-22 18:49 - 2019-08-03 16:38 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2098762905-3211463788-3312216701-1001
2020-02-22 18:49 - 2019-08-03 16:13 - 000002412 _____ C:\Users\Aky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-22 18:49 - 2018-12-25 15:08 - 000000000 ___RD C:\Users\Aky\OneDrive
2020-02-14 23:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2020-02-14 23:43 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-14 01:15 - 2018-12-25 15:06 - 000000000 ___RD C:\Users\Aky\3D Objects
2020-02-14 01:15 - 2017-10-03 17:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-02-14 01:13 - 2019-08-03 16:00 - 000432384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-02-14 01:08 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-02-14 01:08 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-02-14 01:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-02-14 01:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-02-14 01:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-02-14 01:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-02-14 01:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-02-14 01:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-02-14 01:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-02-14 01:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-02-14 01:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-02-14 01:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-02-14 01:08 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
2020-02-14 00:41 - 2018-12-25 09:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-02-14 00:37 - 2018-12-25 09:38 - 120407888 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-02-08 18:27 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-02-08 18:18 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-02-08 18:12 - 2018-12-26 20:56 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-02-08 17:52 - 2020-01-29 23:49 - 000003476 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2020-02-08 17:52 - 2020-01-29 23:49 - 000003252 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2020-02-08 17:52 - 2019-08-03 16:38 - 000003492 _____ C:\WINDOWS\system32\Tasks\LenovoUtility Task
2020-02-08 17:52 - 2019-08-03 16:38 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 17:52 - 2019-08-03 16:38 - 000003176 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 17:52 - 2019-08-03 16:38 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-02-08 17:52 - 2019-08-03 16:38 - 000003034 _____ C:\WINDOWS\system32\Tasks\klcp_update
2020-02-08 17:52 - 2019-08-03 16:38 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 17:52 - 2019-08-03 16:38 - 000002968 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 17:52 - 2019-08-03 16:38 - 000002956 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 17:52 - 2019-08-03 16:38 - 000002838 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 17:52 - 2019-08-03 16:38 - 000002822 _____ C:\WINDOWS\system32\Tasks\NerveCenterUpdate
2020-02-08 17:52 - 2019-08-03 16:38 - 000002786 _____ C:\WINDOWS\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 17:52 - 2019-08-03 16:38 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 17:52 - 2019-08-03 16:38 - 000002582 _____ C:\WINDOWS\system32\Tasks\Aky

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {0ff919d3-084d-11e9-9304-e470b83cc642} - "E:\setup.exe"
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {8ec32b28-0447-11ea-932d-e470b83cc642} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {f44f357f-0867-11e9-9307-e470b83cc642} - "F:\OriginSetup.exe"
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {f44f360e-0867-11e9-9307-e470b83cc642} - "G:\setup.exe"
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {f44f3a39-0867-11e9-9307-e470b83cc642} - "H:\stp-grw.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {75514216-EEBC-4A74-899D-5E10B06CE843} - System32\Tasks\Aky => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Aky /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== ATTENTION
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-2098762905-3211463788-3312216701-1001 -> DefaultScope {898B8E4C-D7DF-41D0-8BE2-A9AE8BE39E49} URL =
S3 ardrv; C:\Users\Default\AppData\Local\Temp\ardrv.sys [18248 2020-02-08] (OPSWAT, Inc. -> OPSWAT, Inc.) <==== ATTENTION
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [UDP Query User{12C9CFF6-D51E-4C13-BFEF-492BAC789F37}C:\hry\dying light\dyinglightgame.exe] => (Allow) C:\hry\dying light\dyinglightgame.exe No File
FirewallRules: [TCP Query User{59A2D4F8-EC5B-4FC8-9C7E-719849011EAA}C:\hry\dying light\dyinglightgame.exe] => (Allow) C:\hry\dying light\dyinglightgame.exe No File
FirewallRules: [UDP Query User{637270BD-1C44-4094-85B4-1D1DA031B201}C:\users\aky\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\aky\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [TCP Query User{261167CD-B522-4563-8D74-311E31BFBAA0}C:\users\aky\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\aky\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [TCP Query User{18EAF168-C3C8-4722-A4C1-00CD4070EE4A}C:\users\aky\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\aky\appdata\local\programs\opera\65.0.3467.48\opera.exe No File
FirewallRules: [UDP Query User{3B957BA5-8C2D-4390-83AC-59708955212C}C:\users\aky\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\aky\appdata\local\programs\opera\65.0.3467.48\opera.exe No File
FirewallRules: [TCP Query User{3F392ED2-4FE4-44E5-9E5A-7CB6A055E664}C:\users\aky\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\aky\appdata\local\programs\opera\65.0.3467.78\opera.exe No File
FirewallRules: [UDP Query User{283B4A57-626E-4833-94E5-ACFC015E68EE}C:\users\aky\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\aky\appdata\local\programs\opera\65.0.3467.78\opera.exe No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[r.o.s.t.a.c.k.a]

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by Aky (08-03-2020 19:06:57) Run:1
Running from C:\Users\Aky\Desktop
Loaded Profiles: Aky (Available Profiles: Aky)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {0ff919d3-084d-11e9-9304-e470b83cc642} - "E:\setup.exe"
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {8ec32b28-0447-11ea-932d-e470b83cc642} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {f44f357f-0867-11e9-9307-e470b83cc642} - "F:\OriginSetup.exe"
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {f44f360e-0867-11e9-9307-e470b83cc642} - "G:\setup.exe"
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\...\MountPoints2: {f44f3a39-0867-11e9-9307-e470b83cc642} - "H:\stp-grw.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {75514216-EEBC-4A74-899D-5E10B06CE843} - System32\Tasks\Aky => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Aky /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== ATTENTION
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-2098762905-3211463788-3312216701-1001 -> DefaultScope {898B8E4C-D7DF-41D0-8BE2-A9AE8BE39E49} URL =
S3 ardrv; C:\Users\Default\AppData\Local\Temp\ardrv.sys [18248 2020-02-08] (OPSWAT, Inc. -> OPSWAT, Inc.) <==== ATTENTION
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [UDP Query User{12C9CFF6-D51E-4C13-BFEF-492BAC789F37}C:\hry\dying light\dyinglightgame.exe] => (Allow) C:\hry\dying light\dyinglightgame.exe No File
FirewallRules: [TCP Query User{59A2D4F8-EC5B-4FC8-9C7E-719849011EAA}C:\hry\dying light\dyinglightgame.exe] => (Allow) C:\hry\dying light\dyinglightgame.exe No File
FirewallRules: [UDP Query User{637270BD-1C44-4094-85B4-1D1DA031B201}C:\users\aky\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\aky\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [TCP Query User{261167CD-B522-4563-8D74-311E31BFBAA0}C:\users\aky\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\aky\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [TCP Query User{18EAF168-C3C8-4722-A4C1-00CD4070EE4A}C:\users\aky\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\aky\appdata\local\programs\opera\65.0.3467.48\opera.exe No File
FirewallRules: [UDP Query User{3B957BA5-8C2D-4390-83AC-59708955212C}C:\users\aky\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\aky\appdata\local\programs\opera\65.0.3467.48\opera.exe No File
FirewallRules: [TCP Query User{3F392ED2-4FE4-44E5-9E5A-7CB6A055E664}C:\users\aky\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\aky\appdata\local\programs\opera\65.0.3467.78\opera.exe No File
FirewallRules: [UDP Query User{283B4A57-626E-4833-94E5-ACFC015E68EE}C:\users\aky\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\aky\appdata\local\programs\opera\65.0.3467.78\opera.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ff919d3-084d-11e9-9304-e470b83cc642} => removed successfully
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ec32b28-0447-11ea-932d-e470b83cc642} => removed successfully
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f44f357f-0867-11e9-9307-e470b83cc642} => removed successfully
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f44f360e-0867-11e9-9307-e470b83cc642} => removed successfully
HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f44f3a39-0867-11e9-9307-e470b83cc642} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{75514216-EEBC-4A74-899D-5E10B06CE843}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75514216-EEBC-4A74-899D-5E10B06CE843}" => removed successfully
C:\WINDOWS\System32\Tasks\Aky => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Aky" => removed successfully
"HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKU\S-1-5-21-2098762905-3211463788-3312216701-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKLM\System\CurrentControlSet\Services\ardrv => removed successfully
ardrv => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{12C9CFF6-D51E-4C13-BFEF-492BAC789F37}C:\hry\dying light\dyinglightgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{59A2D4F8-EC5B-4FC8-9C7E-719849011EAA}C:\hry\dying light\dyinglightgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{637270BD-1C44-4094-85B4-1D1DA031B201}C:\users\aky\appdata\roaming\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{261167CD-B522-4563-8D74-311E31BFBAA0}C:\users\aky\appdata\roaming\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{18EAF168-C3C8-4722-A4C1-00CD4070EE4A}C:\users\aky\appdata\local\programs\opera\65.0.3467.48\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3B957BA5-8C2D-4390-83AC-59708955212C}C:\users\aky\appdata\local\programs\opera\65.0.3467.48\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3F392ED2-4FE4-44E5-9E5A-7CB6A055E664}C:\users\aky\appdata\local\programs\opera\65.0.3467.78\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{283B4A57-626E-4833-94E5-ACFC015E68EE}C:\users\aky\appdata\local\programs\opera\65.0.3467.78\opera.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 79260960 B
Java, Flash, Steam htmlcache => 735 B
Windows/system/drivers => 134364886 B
Edge => 2887276 B
Chrome => 0 B
Firefox => 0 B
Opera => 222415998 B

Temp, IE cache, history, cookies, recent:
Default => 18248 B
Users => 18248 B
ProgramData => 18248 B
Public => 18248 B
systemprofile => 18248 B
systemprofile32 => 18248 B
LocalService => 105118 B
NetworkService => 116934 B
Aky => 277102316 B

RecycleBin => 0 B
EmptyTemp: => 693.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:07:28 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[r.o.s.t.a.c.k.a]

To se nedá takto hned říct, přítel bude zítra přes den testovat a dám vědět. Zatím moc děkuji

[Rudy]

Ozvěte se. Zatím není zač!