Preventika - zpomalený počítač

Zpráva

krosna · #1 Příspěvek od **krosna** » 11 kvě 2017 08:26

Ahoj,

mohl bych poprosit o kontrolu logu? Počítač se mi zdá poslední dobou velmi pomalý, takže jsem možná doplatil na ty dva roky pouhého windows defendera.

Velmi děkuji za pomoc.

Logfile of random's system information tool 1.16 (written by random/random)
Run by Milan at 2017-05-11 09:16:58
Microsoft Windows 10 Home
System drive C: has 274 GB (63%) free of 436 GB
Total RAM: 4010 MB (30% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:17:24, on 11.05.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)
Boot mode: Normal

Running processes:
C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Milan\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Milan\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe
C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Users\Milan\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Milan\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Milan\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Milan\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Milan_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE13DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [MalwareProtectionLive] C:\Users\Milan\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Spotify] "C:\Users\Milan\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Milan\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Milan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Milan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Outlook 2016.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem38.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service (ApHidMonitorService) - Alps Electric Co., Ltd. - C:\Program Files\Apoint2K\HidMonitorSvc.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing)
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: FastbootService - Lenovo - C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo OKO Service - Lenovo(beijing) Limited - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo PAWD Service (LenovoPAWDService) - Unknown owner - C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: OKOControlSvc - Lenovo(beijing) Limited - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14773 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d8683a9a-b71a-478e-a018-fe02fe4887dd -SystemEventPortName:HostProcess-38a32bdf-29c4-41d9-80fd-426522610239 -IoCancelEventPortName:HostProcess-5e5f4319-fa67-400c-9239-c36cfeb07d04 -NonStateChangingEventPortName:HostProcess-27b1de9b-fdf2-443a-92c3-1b75d2762328 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3044a8c6-b450-4d65-924f-48e0ff5ccbed -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cfafed66-8fdb-435e-9176-37dfff58bbae -SystemEventPortName:HostProcess-cd0c45b8-d773-4d1c-a0e7-5817ebd7aa9e -IoCancelEventPortName:HostProcess-26737b48-9cc6-4e3b-8bf8-d55679279e49 -NonStateChangingEventPortName:HostProcess-de7f68a5-eccf-40cf-9008-73319a29d801 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:dc30ea88-c7e7-4130-aaa4-186c23df3883 -DeviceGroupId:
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a7eaa502-330d-4c5d-ae37-37526dcdf766 -SystemEventPortName:HostProcess-e20a1963-38cd-4d10-b7e0-29b69f7b7c73 -IoCancelEventPortName:HostProcess-e1e5ddb7-5e42-49d5-a568-041b3d52dd6f -NonStateChangingEventPortName:HostProcess-f61e48e8-217a-47a7-8713-9b9b54ce7db0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:dc7edc97-33c6-42eb-9234-f8e37f3c70de -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Apoint2K\HidMonitorSvc.exe"
C:\WINDOWS\system32\AdminService.exe
"C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe"
C:\WINDOWS\system32\dashost.exe
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
"C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Apoint2K\Apoint.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\sihost.exe
"C:\Program Files\Apoint2K\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\Explorer.EXE
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Apoint2K\HidFind.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-080b3a2b-4bf8-4cd8-9977-44c4a452b57d -SystemEventPortName:HostProcess-9d434943-882a-4ede-9530-1f466efb97b4 -IoCancelEventPortName:HostProcess-5f6506d8-3216-4ee7-a6b5-4b4cbe370da6 -NonStateChangingEventPortName:HostProcess-b2e1c325-dd29-4ee3-bfff-2b54c7f8881d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:bc7c3204-ac1b-46c6-976d-9e29cb35b800 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe" -START
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\Lenovo\LenovoUtility\utility.exe"
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe" /run
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\Milan\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Users\Milan\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe"
"C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /client=Personal /background
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
"C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe" 1 1 1 1
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Program Files\Windows Defender\MpCmdRun.exe
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe" /hide
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
"C:\Users\Milan\AppData\Roaming\Spotify\Spotify.exe"
C:\Users\Milan\AppData\Roaming\Spotify\Spotify.exe --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 "--database=C:\Users\Milan\AppData\Local\Spotify\User Data\Crashpad" "--metrics-dir=C:\Users\Milan\AppData\Local\Spotify\User Data" --url=https://crashdump.spotify.com:443 --annotation=channel= --annotation=platform=win32 --annotation=product=spotify --annotation=version=1.0.53.758 --initial-client-data=0x45c,0x460,0x464,0x458,0x468,0x64817184,0x64817194,0x648171a4
"C:\Users\Milan\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --no-sandbox --disable-d3d11 --lang=en-US --log-file="C:\Users\Milan\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.53.758 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,19,23,40,59,71 --gpu-vendor-id=0x8086 --gpu-device-id=0x1616 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4531 --gpu-driver-date=9-29-2016 --lang=en-US --log-file="C:\Users\Milan\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.53.758 --service-request-channel-token=FB422DB56942088FE79439188ABC3687 --mojo-platform-channel-handle=1740 /prefetch:2
"C:\Users\Milan\AppData\Roaming\Spotify\Spotify.exe" --type=renderer --disable-pinch --no-sandbox --primordial-pipe-token=36CD2F5D25FF347CE43601AA3D0586D6 --lang=en-US --lang=en-US --log-file="C:\Users\Milan\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.53.758 --disable-spell-checking --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=36CD2F5D25FF347CE43601AA3D0586D6 --renderer-client-id=3 --mojo-platform-channel-handle=2564 /prefetch:1
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="8260.0.231912488\1379017974" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 8260 "\\.\pipe\gecko-crash-server-pipe.8260" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="8260.2.1192687737\1133031104" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 8260 "\\.\pipe\gecko-crash-server-pipe.8260" tab
C:\Program Files\Lenovo PhoneCompanion\adb.exe
"C:\WINDOWS\system32\wuauclt.exe" /RunHandlerComServer
"C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.243.98.0.exe" WD /q
C:\WINDOWS\system32\MpSigStub.exe /version 1.1.13738.0 /MpWUStub /program C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.243.98.0.exe WD /q
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1051_none_7f2bf7ea21d201b2\TiWorker.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 652 656 664 8192 660
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x33c
"C:\Users\Milan\Downloads\RSITx64.exe"

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\DolbySelectorTask - %ProgramFiles%\Dolby Digital Plus\ddp.exe -autostart
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\Opera scheduled Autoupdate 1464618911 - C:\Program Files\Opera developer\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{AE76B574-62BE-4B6D-A998-BBDD3A0C9F23} - C:\windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\windows\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\WINDOWS\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload
C:\WINDOWS\system32\tasks\Lenovo\Dependency Package Auto Update - C:\Program Files\Lenovo\iMController\AutoUpdate.exe
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\7rnto1tr.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.0.0.5099479\npmathplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll

C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\7rnto1tr.default\addons.json

C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\7rnto1tr.default\extensions.json

C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\7rnto1tr.default\pluginreg.dat
Plugin - Shockwave Flash - 24.0.0.221 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll

======Registry dump ======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={23C7D2A8-0892-4F97-97E6-6885CAF888F0}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{23C7D2A8-0892-4F97-97E6-6885CAF888F0}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=LCJB

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={23C7D2A8-0892-4F97-97E6-6885CAF888F0}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{23C7D2A8-0892-4F97-97E6-6885CAF888F0}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=LCJB

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26 1429216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-02 214216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-02 2326832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26 1056992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-04-02 151240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-04-02 1632048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26 1429216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26 1056992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-01-22 13874392]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-02-25 1392496]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-02-25 1392496]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-02-25 1392496]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2015-09-04 703272]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-03-27 36352]
"LMCSSTART1"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2015-03-23 30152]
"LMCSSTART2"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2015-03-23 30152]
"LMCSSTART3"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2015-03-23 30152]
"LenovoUtility"=C:\Program Files\Lenovo\LenovoUtility\utility.exe [2015-05-22 791368]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2015-05-22 802800]
"OneKeyOptimizer"=C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [2015-03-30 605992]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-28 631808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-04-14 1518808]
"Spotify"=C:\Users\Milan\AppData\Roaming\Spotify\Spotify.exe [2017-04-18 7064176]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe []
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-08-29 4299968]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-12-20 2876704]
"Spotify Web Helper"=C:\Users\Milan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-04-18 1446000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Milan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"=C:\WINDOWS\system32\cmd.exe [2016-07-16 232960]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"MalwareProtectionLive"=C:\Users\Milan\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe [2016-11-11 1187360]

C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Outlook 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-04-13 12:11:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-13 12:11:53 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-04-13 12:11:52 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-04-13 12:11:52 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-04-13 12:11:51 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2017-04-13 12:11:51 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-04-13 12:11:51 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-04-13 12:11:50 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-04-13 12:11:50 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2017-04-13 12:11:50 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-04-13 12:11:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-04-13 12:11:49 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-04-13 12:11:49 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-04-13 12:11:49 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-04-13 12:11:49 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-04-13 12:11:48 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-04-13 12:11:48 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2017-04-13 12:11:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2017-04-13 12:11:48 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2017-04-13 12:11:48 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-04-13 12:11:48 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-04-13 12:11:47 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2017-04-13 12:11:47 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2017-04-13 12:11:47 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2017-04-13 12:11:47 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-04-13 12:11:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2017-04-13 12:11:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2017-04-13 12:11:46 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-04-13 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2017-04-13 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll
2017-04-13 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-04-13 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2017-04-13 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2017-04-13 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-04-13 12:11:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2017-04-13 12:11:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SerialCommunication.dll
2017-04-13 12:11:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.PointOfService.dll
2017-04-13 12:11:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Perception.dll
2017-04-13 12:11:44 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2017-04-13 12:11:44 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-04-13 12:11:44 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-04-13 12:11:44 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2017-04-13 12:11:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2017-04-13 12:11:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2017-04-13 12:11:43 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2017-04-13 12:11:43 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-04-13 12:11:43 ----A---- C:\WINDOWS\SYSWOW64\CompPkgSup.dll
2017-04-13 12:11:43 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2017-04-13 12:11:42 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2017-04-13 12:11:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Usb.dll
2017-04-13 12:11:42 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-04-13 12:11:42 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2017-04-13 12:11:42 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2017-04-13 12:11:42 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiver.dll
2017-04-13 12:11:42 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-04-13 12:11:42 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-04-13 12:11:41 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2017-04-13 12:11:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-04-13 12:11:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2017-04-13 12:11:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2017-04-13 12:11:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2017-04-13 12:11:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.AllJoyn.dll
2017-04-13 12:11:41 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2017-04-13 12:11:41 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2017-04-13 12:11:41 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-04-13 12:11:41 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostUser.dll
2017-04-13 12:11:41 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2017-04-13 12:11:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.dll
2017-04-13 12:11:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Input.dll
2017-04-13 12:11:40 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2017-04-13 12:11:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2017-04-13 12:11:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Phone.dll
2017-04-13 12:11:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Maps.dll
2017-04-13 12:11:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2017-04-13 12:11:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFiDirect.dll
2017-04-13 12:11:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SmartCards.dll
2017-04-13 12:11:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2017-04-13 12:11:39 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2017-04-13 12:11:39 ----A---- C:\WINDOWS\SYSWOW64\dlnashext.dll
2017-04-13 12:11:39 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2017-04-13 12:11:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Import.dll
2017-04-13 12:11:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-13 12:11:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Midi.dll
2017-04-13 12:11:38 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-04-13 12:11:38 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2017-04-13 12:11:38 ----A---- C:\WINDOWS\SYSWOW64\mbsmsapi.dll
2017-04-13 12:11:38 ----A---- C:\WINDOWS\SYSWOW64\dialclient.dll
2017-04-13 12:11:38 ----A---- C:\WINDOWS\SYSWOW64\apprepsync.dll
2017-04-13 12:11:37 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2017-04-13 12:11:37 ----A---- C:\WINDOWS\SYSWOW64\RTMediaFrame.dll
2017-04-13 12:11:37 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2017-04-13 12:11:36 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2017-04-13 12:11:36 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2017-04-13 12:11:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Perception.Stub.dll
2017-04-13 12:11:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2017-04-13 12:11:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-13 12:11:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-13 12:11:36 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2017-04-13 12:11:36 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-04-13 12:11:35 ----A---- C:\WINDOWS\SYSWOW64\WinRtTracing.dll
2017-04-13 12:11:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-13 12:11:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-04-13 12:11:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-13 12:11:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.FaceAnalysis.dll
2017-04-13 12:11:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFi.dll
2017-04-13 12:11:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Scanners.dll
2017-04-13 12:11:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Radios.dll
2017-04-13 12:11:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2017-04-13 12:11:35 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-04-13 12:11:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-13 12:11:34 ----A---- C:\WINDOWS\SYSWOW64\oleacc.dll
2017-04-13 12:11:34 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2017-04-13 12:11:33 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2017-04-13 12:11:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-13 12:11:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.3D.dll
2017-04-13 12:11:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2017-04-13 12:11:33 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2017-04-13 12:11:33 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll
2017-04-13 12:11:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-13 12:11:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-13 12:11:32 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2017-04-13 12:11:32 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2017-04-13 12:11:32 ----A---- C:\WINDOWS\SYSWOW64\mfmjpegdec.dll
2017-04-13 12:11:32 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2017-04-13 12:11:32 ----A---- C:\WINDOWS\SYSWOW64\AppointmentActivation.dll
2017-04-13 12:11:31 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-04-13 12:11:31 ----A---- C:\WINDOWS\SYSWOW64\Geolocation.dll
2017-04-13 12:11:31 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2017-04-13 12:11:31 ----A---- C:\WINDOWS\SYSWOW64\CryptoWinRT.dll
2017-04-13 12:11:30 ----A---- C:\WINDOWS\SYSWOW64\WwaApi.dll
2017-04-13 12:11:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Ocr.dll
2017-04-13 12:11:30 ----A---- C:\WINDOWS\SYSWOW64\PlayToReceiver.dll
2017-04-13 12:11:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.SystemManagement.dll
2017-04-13 12:11:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Lights.dll
2017-04-13 12:11:28 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2017-04-13 12:11:28 ----A---- C:\WINDOWS\SYSWOW64\RADCUI.dll
2017-04-13 12:11:28 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-04-13 12:11:28 ----A---- C:\WINDOWS\SYSWOW64\ipsmsnap.dll
2017-04-13 12:11:28 ----A---- C:\WINDOWS\SYSWOW64\ipsecsnp.dll
2017-04-13 12:11:28 ----A---- C:\WINDOWS\SYSWOW64\apds.dll
2017-04-13 12:11:28 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-04-13 12:11:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll
2017-04-13 12:11:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2017-04-13 12:11:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-13 12:11:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Core.dll
2017-04-13 12:11:26 ----A---- C:\WINDOWS\SYSWOW64\vaultcli.dll
2017-04-13 12:11:26 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-04-13 12:11:25 ----A---- C:\WINDOWS\SYSWOW64\XblAuthTokenBrokerExt.dll
2017-04-13 12:11:25 ----A---- C:\WINDOWS\SYSWOW64\XblAuthManagerProxy.dll
2017-04-13 12:11:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2017-04-13 12:11:25 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerUI.dll
2017-04-13 12:11:25 ----A---- C:\WINDOWS\SYSWOW64\sbe.dll
2017-04-13 12:11:25 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2017-04-13 12:11:25 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2017-04-13 12:11:25 ----A---- C:\WINDOWS\SYSWOW64\AuthBroker.dll
2017-04-13 12:11:25 ----A---- C:\WINDOWS\SYSWOW64\apprepapi.dll
2017-04-13 12:11:25 ----A---- C:\WINDOWS\system32\drivers\BasicDisplay.sys
2017-04-13 12:11:24 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-04-13 12:11:24 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2017-04-13 12:11:24 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-04-13 12:11:24 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2017-04-13 12:11:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-13 12:11:23 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2017-04-13 12:11:23 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2017-04-13 12:11:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.HostName.dll
2017-04-13 12:11:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.LowLevel.dll
2017-04-13 12:11:22 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-04-13 12:11:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Diagnostics.dll
2017-04-13 12:11:21 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2017-04-13 12:11:21 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-04-13 12:11:21 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2017-04-13 12:11:21 ----A---- C:\WINDOWS\SYSWOW64\ExSMime.dll
2017-04-13 12:11:21 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-04-13 12:11:20 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-04-13 12:11:19 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-04-13 12:11:19 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-04-13 12:11:19 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2017-04-13 12:11:18 ----A---- C:\WINDOWS\SYSWOW64\NaturalLanguage6.dll
2017-04-13 12:11:18 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-04-13 12:11:16 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-13 12:11:13 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-13 12:11:12 ----A---- C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-13 12:11:11 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2017-04-13 12:11:10 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2017-04-13 12:11:10 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-04-13 12:11:10 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-13 12:11:10 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-13 12:11:10 ----A---- C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-13 12:11:09 ----A---- C:\WINDOWS\SYSWOW64\WebcamUi.dll
2017-04-13 12:11:09 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-13 12:11:09 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-13 12:11:09 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-13 12:11:08 ----A---- C:\WINDOWS\system32\WwaApi.dll
2017-04-13 12:11:08 ----A---- C:\WINDOWS\system32\WinRtTracing.dll
2017-04-13 12:11:08 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-04-13 12:11:08 ----A---- C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-13 12:11:08 ----A---- C:\WINDOWS\system32\WebcamUi.dll
2017-04-13 12:11:07 ----A---- C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-13 12:11:07 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-13 12:11:07 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-13 12:11:06 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-04-13 12:11:05 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-13 12:11:04 ----A---- C:\WINDOWS\system32\shell32.dll
2017-04-13 12:11:03 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-04-13 12:11:02 ----A---- C:\WINDOWS\system32\mos.dll
2017-04-13 12:11:01 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-04-13 12:11:00 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-13 12:11:00 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-13 12:11:00 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-13 12:11:00 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-04-13 12:10:59 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-04-13 12:10:59 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-13 12:10:58 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-04-13 12:10:57 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-04-13 12:10:57 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-04-13 12:10:56 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-04-13 12:10:56 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-04-13 12:10:55 ----A---- C:\WINDOWS\system32\usocore.dll
2017-04-13 12:10:55 ----A---- C:\WINDOWS\system32\puiobj.dll
2017-04-13 12:10:55 ----A---- C:\WINDOWS\system32\oleaut32.dll
2017-04-13 12:10:55 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-13 12:10:55 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-13 12:10:54 ----A---- C:\WINDOWS\system32\smartscreen.exe
2017-04-13 12:10:54 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-04-13 12:10:54 ----A---- C:\WINDOWS\system32\LsaIso.exe
2017-04-13 12:10:54 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-04-13 12:10:53 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-04-13 12:10:53 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-13 12:10:53 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-13 12:10:53 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-04-13 12:10:53 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2017-04-13 12:10:53 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-04-13 12:10:53 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-13 12:10:53 ----A---- C:\WINDOWS\system32\EmailApis.dll
2017-04-13 12:10:52 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-13 12:10:52 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-13 12:10:52 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-04-13 12:10:51 ----A---- C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-13 12:10:51 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-13 12:10:51 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-13 12:10:51 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-13 12:10:51 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-13 12:10:50 ----A---- C:\WINDOWS\system32\wscapi.dll
2017-04-13 12:10:50 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-13 12:10:50 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2017-04-13 12:10:49 ----A---- C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-13 12:10:49 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-04-13 12:10:49 ----A---- C:\WINDOWS\system32\mbsmsapi.dll
2017-04-13 12:10:49 ----A---- C:\WINDOWS\system32\efswrt.dll
2017-04-13 12:10:48 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-13 12:10:48 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-13 12:10:48 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2017-04-13 12:10:47 ----A---- C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-13 12:10:46 ----A---- C:\WINDOWS\system32\wpnapps.dll
2017-04-13 12:10:46 ----A---- C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-13 12:10:28 ----A---- C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-13 12:10:28 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2017-04-13 12:10:28 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-13 12:10:27 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-13 12:10:27 ----A---- C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-13 12:10:27 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-13 12:10:26 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-04-13 12:10:26 ----A---- C:\WINDOWS\system32\localspl.dll
2017-04-13 12:10:23 ----A---- C:\WINDOWS\system32\wpninprc.dll
2017-04-13 12:10:23 ----A---- C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-13 12:10:23 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-13 12:10:23 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-04-13 12:10:23 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-13 12:10:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-04-13 12:10:19 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-04-13 12:10:17 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-04-13 12:10:16 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-04-13 12:10:16 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-04-13 12:10:14 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-04-13 12:10:14 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-04-13 12:10:13 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-04-13 12:10:12 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-04-13 12:10:11 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-13 12:10:11 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-04-13 12:10:11 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-04-13 12:10:10 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-04-13 12:10:09 ----A---- C:\WINDOWS\system32\wininet.dll
2017-04-13 12:10:09 ----A---- C:\WINDOWS\system32\ole32.dll
2017-04-13 12:10:09 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-04-13 12:10:08 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-04-13 12:10:08 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-13 12:10:08 ----A---- C:\WINDOWS\system32\quartz.dll
2017-04-13 12:10:08 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-04-13 12:10:08 ----A---- C:\WINDOWS\HelpPane.exe
2017-04-13 12:10:07 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2017-04-13 12:10:07 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-13 12:10:07 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-13 12:10:07 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-04-13 12:10:07 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2017-04-13 12:10:06 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-13 12:10:05 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-13 12:10:05 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-13 12:10:04 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-04-13 12:10:03 ----A---- C:\WINDOWS\system32\msdtctm.dll
2017-04-13 12:10:02 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2017-04-13 12:10:02 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-13 12:10:02 ----A---- C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-13 12:10:02 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-13 12:10:02 ----A---- C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-13 12:10:02 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-13 12:10:02 ----A---- C:\WINDOWS\system32\CellularAPI.dll
2017-04-13 12:10:01 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-04-13 12:10:00 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-04-13 12:10:00 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-13 12:10:00 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-13 12:10:00 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-04-13 12:10:00 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-13 12:10:00 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-13 12:10:00 ----A---- C:\WINDOWS\system32\asycfilt.dll
2017-04-13 12:09:59 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-13 12:09:59 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-13 12:09:59 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-13 12:09:59 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-13 12:09:59 ----A---- C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-13 12:09:59 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-13 12:09:59 ----A---- C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-13 12:09:59 ----A---- C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-13 12:09:59 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-04-13 12:09:58 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2017-04-13 12:09:58 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-04-13 12:09:58 ----A---- C:\WINDOWS\system32\dafpos.dll
2017-04-13 12:09:57 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-04-13 12:09:57 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-04-13 12:09:57 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-13 12:09:57 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2017-04-13 12:09:57 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2017-04-13 12:09:57 ----A---- C:\WINDOWS\system32\Geolocation.dll
2017-04-13 12:09:57 ----A---- C:\WINDOWS\system32\FontProvider.dll
2017-04-13 12:09:56 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-13 12:09:56 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-13 12:09:56 ----A---- C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-13 12:09:56 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-04-13 12:09:55 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-04-13 12:09:55 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-04-13 12:09:55 ----A---- C:\WINDOWS\system32\RDXService.dll
2017-04-13 12:09:55 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-04-13 12:09:54 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-04-13 12:09:54 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-04-13 12:09:53 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-04-13 12:09:53 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2017-04-13 12:09:53 ----A---- C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-13 12:09:53 ----A---- C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-13 12:09:53 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-04-13 12:09:53 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2017-04-13 12:09:53 ----A---- C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-13 12:09:52 ----A---- C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-13 12:09:52 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-04-13 12:09:52 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2017-04-13 12:09:52 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-04-13 12:09:52 ----A---- C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-13 12:09:52 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-04-13 12:09:52 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-04-13 12:09:51 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-13 12:09:51 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-13 12:09:51 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-04-13 12:09:51 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-13 12:09:50 ----A---- C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-13 12:09:50 ----A---- C:\WINDOWS\system32\CastLaunch.dll
2017-04-13 12:09:41 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-04-13 12:09:40 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2017-04-13 12:09:40 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-13 12:09:39 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-04-13 12:09:38 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-04-13 12:09:38 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-04-13 12:09:38 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-04-13 12:09:37 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-13 12:09:37 ----A---- C:\WINDOWS\system32\twinui.dll
2017-04-13 12:09:37 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-04-13 12:09:37 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-13 12:09:36 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-13 12:09:36 ----A---- C:\WINDOWS\system32\actxprxy.dll
2017-04-13 12:09:35 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-13 12:09:34 ----A---- C:\WINDOWS\system32\WinTypes.dll
2017-04-13 12:09:34 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-04-13 12:09:34 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-04-13 12:09:34 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-04-13 12:09:33 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-04-13 12:09:33 ----A---- C:\WINDOWS\system32\ShareHost.dll
2017-04-13 12:09:33 ----A---- C:\WINDOWS\system32\qedit.dll
2017-04-13 12:09:33 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-04-13 12:09:33 ----A---- C:\WINDOWS\system32\CompPkgSup.dll
2017-04-13 12:09:33 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-13 12:09:32 ----A---- C:\WINDOWS\system32\sbe.dll
2017-04-13 12:09:31 ----A---- C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-13 12:09:31 ----A---- C:\WINDOWS\system32\dlnashext.dll
2017-04-13 12:09:31 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2017-04-13 12:09:31 ----A---- C:\WINDOWS\system32\apprepsync.dll
2017-04-13 12:09:29 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-13 12:09:29 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-13 12:09:28 ----A---- C:\WINDOWS\system32\msxml6.dll
2017-04-13 12:09:25 ----A---- C:\WINDOWS\system32\wer.dll
2017-04-13 12:09:24 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-13 12:09:22 ----A---- C:\WINDOWS\system32\AppContracts.dll
2017-04-13 12:09:18 ----A---- C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-13 12:09:17 ----A---- C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-13 12:09:17 ----A---- C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-13 12:09:17 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-13 12:09:17 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2017-04-13 12:09:16 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-13 12:09:16 ----A---- C:\WINDOWS\system32\psmsrv.dll
2017-04-13 12:09:16 ----A---- C:\WINDOWS\system32\invagent.dll
2017-04-13 12:09:16 ----A---- C:\WINDOWS\system32\devinv.dll
2017-04-13 12:09:16 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-04-13 12:09:16 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-04-13 12:09:14 ----A---- C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-13 12:09:14 ----A---- C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-13 12:09:14 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-13 12:09:14 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-13 12:09:14 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-04-13 12:09:13 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-13 12:09:13 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-13 12:09:13 ----A---- C:\WINDOWS\system32\apprepapi.dll
2017-04-13 12:09:13 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-04-13 12:09:12 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-13 12:09:12 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-13 12:09:12 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-13 12:09:12 ----A---- C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-13 12:09:12 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2017-04-13 12:09:10 ----A---- C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-13 12:09:10 ----A---- C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-13 12:09:09 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-04-13 12:09:09 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-13 12:09:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-13 12:09:08 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-13 12:09:08 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-04-13 12:09:08 ----A---- C:\WINDOWS\system32\AuthBroker.dll
2017-04-13 12:09:07 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-13 12:09:07 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2017-04-13 12:09:07 ----A---- C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-13 12:09:06 ----A---- C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-13 12:09:06 ----A---- C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-13 12:09:06 ----A---- C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-13 12:09:06 ----A---- C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-13 12:09:06 ----A---- C:\WINDOWS\system32\vaultcli.dll
2017-04-13 12:09:06 ----A---- C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-13 12:09:06 ----A---- C:\WINDOWS\system32\oleacc.dll
2017-04-13 12:09:06 ----A---- C:\WINDOWS\system32\Family.Client.dll
2017-04-13 12:09:05 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-04-13 12:09:05 ----A---- C:\WINDOWS\system32\cdp.dll
2017-04-13 12:09:03 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-04-13 12:09:03 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-13 12:09:03 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-04-13 12:09:03 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2017-04-13 12:09:03 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-13 12:09:03 ----A---- C:\WINDOWS\system32\atmlib.dll

====== List of files/folders modified in the last 1 month ======

2017-05-11 09:17:10 ----D---- C:\Program Files\trend micro
2017-05-11 09:16:28 ----D---- C:\WINDOWS\Prefetch
2017-05-11 09:15:37 ----D---- C:\Users\Milan\AppData\Roaming\Spotify
2017-05-11 09:11:45 ----D---- C:\WINDOWS\Temp
2017-05-11 08:59:31 ----D---- C:\WINDOWS\AppReadiness
2017-05-11 08:54:29 ----D---- C:\WINDOWS\system32\config
2017-05-11 08:46:18 ----D---- C:\ProgramData\Lenovo
2017-05-11 08:42:29 ----D---- C:\WINDOWS\System32
2017-05-11 08:42:29 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-11 08:40:54 ----D---- C:\WINDOWS\system32\SleepStudy
2017-05-11 08:40:51 ----D---- C:\Program Files\TrueKey
2017-05-11 08:28:01 ----D---- C:\WINDOWS\system32\sru
2017-05-10 23:31:44 ----D---- C:\Users\Milan\AppData\Roaming\RStudio
2017-05-10 20:51:05 ----D---- C:\WINDOWS\system32\MRT
2017-05-10 20:50:15 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-05-10 20:47:28 ----D---- C:\WINDOWS\system32\catroot2
2017-05-10 20:47:14 ----SHD---- C:\System Volume Information
2017-05-10 20:46:10 ----D---- C:\WINDOWS\CbsTemp
2017-05-10 20:45:42 ----D---- C:\WINDOWS\WinSxS
2017-05-10 20:45:42 ----D---- C:\WINDOWS\SysWOW64
2017-05-10 16:08:33 ----D---- C:\WINDOWS\system32\Tasks
2017-05-10 08:56:44 ----HD---- C:\Program Files\WindowsApps
2017-05-06 09:58:55 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-05-05 18:16:55 ----D---- C:\WINDOWS\system32\appraiser
2017-05-05 16:01:59 ----SHD---- C:\WINDOWS\Installer
2017-05-05 16:01:59 ----SHD---- C:\Config.Msi
2017-05-03 20:18:33 ----D---- C:\Program Files (x86)\McAfee
2017-04-29 13:25:43 ----RD---- C:\WINDOWS\Microsoft.NET
2017-04-29 02:59:37 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-04-27 18:13:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-25 15:22:39 ----RSD---- C:\WINDOWS\assembly
2017-04-25 07:19:25 ----AD---- C:\Program Files\Opera developer
2017-04-21 08:48:20 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-04-21 08:47:58 ----D---- C:\Program Files (x86)\Common Files
2017-04-21 08:46:43 ----AD---- C:\Program Files (x86)\Microsoft Office
2017-04-20 15:14:20 ----D---- C:\WINDOWS\LiveKernelReports
2017-04-16 09:42:49 ----D---- C:\WINDOWS\INF
2017-04-16 09:29:13 ----D---- C:\WINDOWS\system32\DriverStore
2017-04-16 09:28:19 ----D---- C:\WINDOWS\system32\drivers
2017-04-16 00:13:47 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-04-16 00:13:47 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-CS
2017-04-16 00:13:47 ----D---- C:\WINDOWS\SYSWOW64\setup
2017-04-16 00:13:46 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-04-16 00:13:46 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-04-16 00:13:42 ----D---- C:\WINDOWS\system32\wbem
2017-04-16 00:13:42 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2017-04-16 00:13:41 ----SD---- C:\WINDOWS\system32\F12
2017-04-16 00:13:41 ----D---- C:\WINDOWS\system32\setup
2017-04-16 00:13:41 ----D---- C:\WINDOWS\system32\migration
2017-04-16 00:13:41 ----D---- C:\WINDOWS\system32\en-US
2017-04-16 00:13:41 ----D---- C:\WINDOWS\system32\Dism
2017-04-16 00:13:41 ----D---- C:\WINDOWS\system32\cs-CZ
2017-04-16 00:13:36 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-04-16 00:13:36 ----D---- C:\WINDOWS\ShellExperiences
2017-04-16 00:13:36 ----D---- C:\WINDOWS\Provisioning
2017-04-16 00:13:36 ----D---- C:\Windows
2017-04-16 00:13:35 ----RD---- C:\Program Files\Windows Defender
2017-04-16 00:13:35 ----D---- C:\Program Files\Windows Photo Viewer
2017-04-16 00:13:35 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-04-16 00:13:35 ----D---- C:\Program Files (x86)\Windows Defender

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 Fastboot;Fastboot; C:\WINDOWS\System32\DRIVERS\Fastboot.sys [2015-01-27 70168]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-03-27 1400048]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 sptd2;SPTD2; C:\WINDOWS\System32\Drivers\sptd2.sys [2016-09-14 196152]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R3 ACPIVPC;@oem23.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-05-22 35064]
R3 ApfiltrService;@oem38.inf,%Filter.SvcDesc%;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2015-09-04 582936]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-06-26 610656]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-08-20 84992]
R3 dtlitescsibus;@oem1.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-09-13 30264]
R3 dtliteusbbus;@oem6.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-09-13 47672]
R3 iwdbus;@oem31.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-12-22 30512]
R3 KMDFVirtualKbd;@oem15.inf,%KMDFVirtualKbd.SVCDESC%;Lenovo Virtual Keyboard Device; C:\WINDOWS\System32\drivers\KMDFVirtualKbd.sys [2014-08-05 22264]
R3 KMDFVirtualMouse;@oem34.inf,%KMDFVirtualMouse.SVCDESC%;Lenovo Virtual Mouse Device; C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys [2014-08-05 21240]
R3 Qcamain10x64;@netathr10x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN 11AC device driver; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2016-07-16 2336768]
R3 rt640x64;@oem18.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-22 886528]
R3 rtsuvc;@oem7.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-06-16 3068160]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\WINDOWS\system32\drivers\mfeelamk.sys [2015-08-10 82072]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-08-20 114176]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2016-09-15 249856]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys []
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys []
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
S3 RTSUER;@oem33.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-11-24 419576]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 ApHidMonitorService;@oem38.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service; C:\Program Files\Apoint2K\HidMonitorSvc.exe [2015-09-04 90440]
R2 AtherosSvc;AtherosSvc; C:\WINDOWS\system32\AdminService.exe [2016-06-26 355760]
R2 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2015-03-23 560584]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-10-22 644080]
R2 CDPUserSvc_4afeb;CDPUserSvc_4afeb; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-04-03 3294920]
R2 FastbootService;FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [2015-01-27 191000]
R2 FoxitReaderService;Foxit Reader Service; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [2016-12-29 1659592]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-03-27 19184]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-11-10 158496]
R2 Lenovo OKO Service;Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2015-03-31 2742568]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2015-04-10 2016040]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
R2 LenovoPAWDService;Lenovo PAWD Service; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [2015-05-22 133440]
R2 LenovoSetSvr;LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [2014-06-19 258544]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-08-26 218952]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-11-10 409376]
R2 OKOControlSvc;OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [2015-03-30 359208]
R2 OneSyncSvc_4afeb;Hostitel synchronizace_4afeb; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-05-28 167176]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2015-05-22 321520]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 PimIndexMaintenanceSvc_4afeb;Data kontaktů_4afeb; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\TimeBrokerServer.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 []
S2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-05-28 524552]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-08-29 1467072]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2015-03-23 456136]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2015-03-23 453576]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2015-03-23 625608]
S3 MessagingService_4afeb;Služba zasílání zpráv_4afeb; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-04-02 209104]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2015-05-22 338416]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

#2 Příspěvek od **Roli** » 11 kvě 2017 18:23

Zdravím, Odinstaluj vše od McAfee.

Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém

Stáhni a spusť AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po dokončení skenu klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zkopíruj Report.

Nakonec použij Mbam z mého podpisu a dej mi sem z něj log.

VIRY.CZ

Preventika - zpomalený počítač

Preventika - zpomalený počítač

Re: Preventika - zpomalený počítač