Opakované spouštění obnovení systému - zotavení z chyb

[102mn]

Dobrý den,
po zapnutí PC opakovaně dochází ke spouštění obnovení systému - zotavení systému z chyb. Po dvou třech restartech se do PC dostanu a můžu normálně pracovat, pouze vyskočí okno se zprávou "Systém Windows byl po neočekávaném vypnutí obnoven." Tento problém začal před cca 14 dny.

Pro kontrolu přikládám log.


Děkuji



Logfile of random's system information tool 1.16 (written by random/random)
Run by Lenka at 2018-01-29 17:12:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 80 GB (57%) free of 140 GB
Total RAM: 6058 MB (70% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:12:47, on 29.1.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18894)
Boot mode: Normal

Running processes:
C:\windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\trend micro\Lenka_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {84F23192-A475-4038-B5C0-8584777F2DF4} - (no file)
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
O4 - HKLM\..\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Service Help - Egis Technology Inc. - C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - McAfee, Inc. - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: PCCare AM Service (pccareamw_service) - PLUMBYTES - C:\Program Files\PCCare Software\PCCare Anti-Malware\AmwService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11542 bytes

====== Enumerating Processes ======

C:\windows\system32\csrss.exe
C:\windows\system32\wininit.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
"C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe"
C:\windows\system32\svchost.exe -k NetworkService
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskeng.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe"
C:\windows\system32\msiexec.exe /V
"C:\Program Files\PCCare Software\PCCare Anti-Malware\AmwService.exe" run
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\WerFault.exe -k -q
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\windows\System32\spool\drivers\x64\3\WrtMon.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\windows\System32\igfxtray.exe"
"C:\windows\System32\hkcmd.exe"
"C:\windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\windows\System32\spool\drivers\x64\3\WrtProc.exe
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe" -nogui
"C:\Program Files (x86)\USB Camera2\VM332_STI.EXE"
"C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Glary Utilities 5\Integrator.exe" /autostart
C:\windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Lenka\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Lenka\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=63.0.3239.132 --initial-client-data=0x84,0x88,0x8c,0x80,0x90,0x7feef795720,0x7feef795760,0x7feef795738
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3876 --on-initialized-event-handle=316 --parent-handle=320 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1116,12694418858656161514,12164707490672673818,131072 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3517 --gpu-driver-date=3-20-2014 --service-request-channel-token=1C80BA7A667C1F2771B55CD8E53C6573 --mojo-platform-channel-handle=1140 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1116,12694418858656161514,12164707490672673818,131072 --service-pipe-token=A20259CAF214F1D115439ACF02DFDDF4 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=A20259CAF214F1D115439ACF02DFDDF4 --renderer-client-id=4 --mojo-platform-channel-handle=2728 /prefetch:1
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1116,12694418858656161514,12164707490672673818,131072 --service-pipe-token=B6E42EBC0D43982E88D7BC6F9F017069 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=B6E42EBC0D43982E88D7BC6F9F017069 --renderer-client-id=8 --mojo-platform-channel-handle=4856 /prefetch:1
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\sppsvc.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Lenka\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

====== Scheduled tasks folder ======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\WinThruster64-Lenka-Notification.job - C:\Program Files\Solvusoft\WinThruster\Sync.exe
C:\windows\tasks\WinThruster64-Lenka-Startup.job - C:\Program Files\Solvusoft\WinThruster\WinThruster64.exe /delay 180
C:\windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\windows\system32\tasks\Adobe Flash Player PPAPI Notifier - C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe -check pepperplugin
C:\windows\system32\tasks\Adobe Flash Player Updater - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\windows\system32\tasks\Driver Booster SkipUAC (Lenka) - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe /skipuac
C:\windows\system32\tasks\Driver Booster SkipUAC (SYSTEM) - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe /skipuac
C:\windows\system32\tasks\GlaryInitialize 5 - C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
C:\windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\system32\tasks\GoogleUpdateTaskMachineCore1d164318cc5ddaf - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\system32\tasks\GoogleUpdateTaskMachineUA1d164318d1adb8b - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\system32\tasks\GU5SkipUAC - C:\Program Files (x86)\Glary Utilities 5\Integrator.exe $(Arg0)
C:\windows\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
C:\windows\system32\tasks\MirageAgent - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\windows\system32\tasks\Uninstaller_SkipUac_Lenka - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer
C:\windows\system32\tasks\WinThruster64-Lenka-Notification - C:\Program Files\Solvusoft\WinThruster\Sync.exe
C:\windows\system32\tasks\WinThruster64-Lenka-Startup - C:\Program Files\Solvusoft\WinThruster\WinThruster64.exe /delay 180
C:\windows\system32\tasks\{030E4F12-6DD0-4494-871E-2B70C6CFD488} - C:\windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
C:\windows\system32\tasks\{1C65C05D-E69F-4164-9D8C-35C303FF6721} - C:\windows\system32\pcalua.exe -a "F:\Power DVD v6.0 Deluxe Cracked\pdvd6_setup.exe" -d "F:\Power DVD v6.0 Deluxe Cracked"
C:\windows\system32\tasks\WPD\SqmUpload_S-1-5-21-118739109-790167221-2496289451-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\windows\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\windows\System32\lpksetup.exe -v
C:\windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\windows\System32\mcbuilder.exe
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\windows\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\windows\system32\tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan - C:\Program Files\Microsoft Security Client\\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges
C:\windows\system32\tasks\Microsoft\Microsoft Antimalware\MpIdleTask - C:\Program Files\Microsoft Security Client\\MpCmdRun.exe -IdleTask -TaskName MpIdleTask

=========Google Chrome=========

C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Store 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 2 Adobe Acrobat 15.1.0.3
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gfoabcdjalmeenbjjngidappmppchblc 0 Norton Home Page for Chrome 1.0.0.20
Extension hbmobhkkblcgdifigjglcjneplefbkmh 1 Norton Safe Search as default for Chrome 2.0.26
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.5
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6317.1002.0.5
Homepage: http://www.seznam.cz/
default_search_provider.search_url:
C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin Remoting Viewer internal-remoting-viewer
Plugin Native Client C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\ppGoogleNaClPluginChrome.dll
Plugin Chrome PDF Viewer C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\pdf.dll
Plugin 11,2,202,235 Shockwave Flash C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\gcswf32.dll
Plugin 10.1.3.23 Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
Plugin 1.3.21.111 Google Update C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
Plugin 5.1.10411.0 Silverlight Plug-In C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
Plugin 15.4.3508.1109_ship.wlx.w4m4 (ship) Windows Live™ Photo Gallery C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
Plugin 11.6.3r633 Shockwave for Director C:\windows\system32\Adobe\Director\np32dsw.dll
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]
{84F23192-A475-4038-B5C0-8584777F2DF4}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-11-22 13672152]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2011-09-14 9769888]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2011-09-14 5908928]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2011-09-14 114688]
"WrtMon.exe"=C:\windows\system32\spool\drivers\x64\3\WrtMon.exe [2006-09-20 20480]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-11-22 1387376]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-11-22 1387376]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2014-11-22 172016]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2014-11-22 399856]
"Persistence"=C:\windows\system32\igfxpers.exe [2014-11-22 442352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"GUDelayStartup"=C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [2018-01-08 44016]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"332BigDog"=C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [2014-11-22 548864]
"PLTSR"=C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe [2010-10-22 364400]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2010-12-24 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2010-12-24 224352]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-10 407920]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-03-10 201584]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-26 222504]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"NeroFilterCheck"=C:\windows\system32\NeroCheck.exe []
"WinampAgent"=C:\Program Files (x86)\Winamp\Winampa.exe [2002-04-26 12288]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SSBkgdUpdate"=C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
"OpwareSE4"=C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = scecli
EgisPLPwdFilter

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2018-01-28 15:00:19 ----D---- C:\Program Files\trend micro
2018-01-28 15:00:18 ----D---- C:\rsit
2018-01-28 13:35:01 ----D---- C:\Program Files\PCCare Software
2018-01-28 13:31:38 ----D---- C:\Program Files (x86)\ErrorFixKIT
2018-01-28 11:48:16 ----D---- C:\Program Files (x86)\Glary Utilities 5
2018-01-27 20:01:06 ----D---- C:\AdwCleaner
2018-01-16 17:22:28 ----A---- C:\windows\system32\mshtml.dll
2018-01-16 17:22:26 ----A---- C:\windows\SYSWOW64\mshtml.dll
2018-01-16 17:22:24 ----A---- C:\windows\system32\ieframe.dll
2018-01-16 17:22:23 ----A---- C:\windows\SYSWOW64\ieframe.dll
2018-01-16 17:22:22 ----A---- C:\windows\system32\jscript9.dll
2018-01-16 17:22:21 ----A---- C:\windows\SYSWOW64\jscript9.dll
2018-01-16 17:22:21 ----A---- C:\windows\system32\ntoskrnl.exe
2018-01-16 17:22:17 ----A---- C:\windows\SYSWOW64\wininet.dll
2018-01-16 17:22:17 ----A---- C:\windows\SYSWOW64\iertutil.dll
2018-01-16 17:22:17 ----A---- C:\windows\system32\wininet.dll
2018-01-16 17:22:17 ----A---- C:\windows\system32\ntdll.dll
2018-01-16 17:22:17 ----A---- C:\windows\system32\iertutil.dll
2018-01-16 17:22:16 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2018-01-16 17:22:16 ----A---- C:\windows\system32\urlmon.dll
2018-01-16 17:22:16 ----A---- C:\windows\system32\ole32.dll
2018-01-16 17:22:15 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2018-01-16 17:22:14 ----A---- C:\windows\system32\shell32.dll
2018-01-16 17:22:13 ----A---- C:\windows\SYSWOW64\urlmon.dll
2018-01-16 17:22:13 ----A---- C:\windows\system32\rpcrt4.dll
2018-01-16 17:22:13 ----A---- C:\windows\system32\ieapfltr.dll
2018-01-16 17:22:13 ----A---- C:\windows\system32\drivers\ntfs.sys
2018-01-16 17:22:12 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2018-01-16 17:22:11 ----A---- C:\windows\SYSWOW64\vbscript.dll
2018-01-16 17:22:11 ----A---- C:\windows\SYSWOW64\shell32.dll
2018-01-16 17:22:11 ----A---- C:\windows\SYSWOW64\kerberos.dll
2018-01-16 17:22:11 ----A---- C:\windows\SYSWOW64\jscript.dll
2018-01-16 17:22:11 ----A---- C:\windows\system32\msfeeds.dll
2018-01-16 17:22:11 ----A---- C:\windows\system32\lsasrv.dll
2018-01-16 17:22:11 ----A---- C:\windows\system32\jscript.dll
2018-01-16 17:22:11 ----A---- C:\windows\system32\ieui.dll
2018-01-16 17:22:10 ----A---- C:\windows\system32\winload.exe
2018-01-16 17:22:09 ----A---- C:\windows\SYSWOW64\ntdll.dll
2018-01-16 17:22:09 ----A---- C:\windows\system32\winlogon.exe
2018-01-16 17:22:09 ----A---- C:\windows\system32\msxml6.dll
2018-01-16 17:22:09 ----A---- C:\windows\system32\jscript9diag.dll
2018-01-16 17:22:09 ----A---- C:\windows\system32\drivers\srv2.sys
2018-01-16 17:22:09 ----A---- C:\windows\system32\drivers\srv.sys
2018-01-16 17:22:08 ----A---- C:\windows\system32\mshtmlmedia.dll
2018-01-16 17:22:08 ----A---- C:\windows\system32\atmfd.dll
2018-01-16 17:22:07 ----A---- C:\windows\SYSWOW64\ieui.dll
2018-01-16 17:22:07 ----A---- C:\windows\system32\ExplorerFrame.dll
2018-01-16 17:22:07 ----A---- C:\windows\system32\drivers\fltMgr.sys
2018-01-16 17:22:06 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2018-01-16 17:22:06 ----A---- C:\windows\SYSWOW64\atmfd.dll
2018-01-16 17:22:05 ----A---- C:\windows\system32\sysmain.dll
2018-01-16 17:22:04 ----A---- C:\windows\system32\schedsvc.dll
2018-01-16 17:22:04 ----A---- C:\windows\system32\FirewallAPI.dll
2018-01-16 17:22:03 ----A---- C:\windows\SYSWOW64\ole32.dll
2018-01-16 17:22:03 ----A---- C:\windows\system32\drivers\ndis.sys
2018-01-16 17:22:03 ----A---- C:\windows\system32\drivers\http.sys
2018-01-16 17:22:02 ----A---- C:\windows\system32\iedkcs32.dll
2018-01-16 17:22:01 ----A---- C:\windows\SYSWOW64\advapi32.dll
2018-01-16 17:22:01 ----A---- C:\windows\system32\rpcss.dll
2018-01-16 17:22:00 ----A---- C:\windows\system32\authui.dll
2018-01-16 17:21:59 ----A---- C:\windows\SYSWOW64\msxml6.dll
2018-01-16 17:21:59 ----A---- C:\windows\system32\taskcomp.dll
2018-01-16 17:21:59 ----A---- C:\windows\system32\MPSSVC.dll
2018-01-16 17:21:58 ----A---- C:\windows\SYSWOW64\kernel32.dll
2018-01-16 17:21:58 ----A---- C:\windows\SYSWOW64\ExplorerFrame.dll
2018-01-16 17:21:58 ----A---- C:\windows\system32\wow64win.dll
2018-01-16 17:21:57 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2018-01-16 17:21:57 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2018-01-16 17:21:57 ----A---- C:\windows\SYSWOW64\FirewallAPI.dll
2018-01-16 17:21:57 ----A---- C:\windows\system32\spoolsv.exe
2018-01-16 17:21:57 ----A---- C:\windows\system32\p2psvc.dll
2018-01-16 17:21:57 ----A---- C:\windows\system32\inetcomm.dll
2018-01-16 17:21:57 ----A---- C:\windows\system32\IKEEXT.DLL
2018-01-16 17:21:56 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2018-01-16 17:21:56 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2018-01-16 17:21:56 ----A---- C:\windows\system32\wow64.dll
2018-01-16 17:21:56 ----A---- C:\windows\system32\hal.dll
2018-01-16 17:21:56 ----A---- C:\windows\system32\certcli.dll
2018-01-16 17:21:56 ----A---- C:\windows\system32\BFE.DLL
2018-01-16 17:21:56 ----A---- C:\windows\system32\actxprxy.dll
2018-01-16 17:21:55 ----A---- C:\windows\SYSWOW64\taskcomp.dll
2018-01-16 17:21:55 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2018-01-16 17:21:55 ----A---- C:\windows\SYSWOW64\certcli.dll
2018-01-16 17:21:55 ----A---- C:\windows\system32\vbscript.dll
2018-01-16 17:21:55 ----A---- C:\windows\system32\srcore.dll
2018-01-16 17:21:55 ----A---- C:\windows\system32\kernel32.dll
2018-01-16 17:21:55 ----A---- C:\windows\system32\drivers\wanarp.sys
2018-01-16 17:21:55 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2018-01-16 17:21:54 ----A---- C:\windows\SYSWOW64\webcheck.dll
2018-01-16 17:21:54 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2018-01-16 17:21:54 ----A---- C:\windows\SYSWOW64\authui.dll
2018-01-16 17:21:54 ----A---- C:\windows\system32\winhttp.dll
2018-01-16 17:21:54 ----A---- C:\windows\system32\wcncsvc.dll
2018-01-16 17:21:54 ----A---- C:\windows\system32\P2P.dll
2018-01-16 17:21:54 ----A---- C:\windows\system32\nshwfp.dll
2018-01-16 17:21:54 ----A---- C:\windows\system32\icm32.dll
2018-01-16 17:21:54 ----A---- C:\windows\system32\drivers\rdyboost.sys
2018-01-16 17:21:54 ----A---- C:\windows\system32\advapi32.dll
2018-01-16 17:21:53 ----A---- C:\windows\SYSWOW64\wcncsvc.dll
2018-01-16 17:21:53 ----A---- C:\windows\SYSWOW64\setup16.exe
2018-01-16 17:21:53 ----A---- C:\windows\SYSWOW64\rpchttp.dll
2018-01-16 17:21:53 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2018-01-16 17:21:53 ----A---- C:\windows\SYSWOW64\P2P.dll
2018-01-16 17:21:53 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2018-01-16 17:21:53 ----A---- C:\windows\SYSWOW64\msrating.dll
2018-01-16 17:21:53 ----A---- C:\windows\SYSWOW64\icm32.dll
2018-01-16 17:21:53 ----A---- C:\windows\SYSWOW64\fontsub.dll
2018-01-16 17:21:53 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2018-01-16 17:21:53 ----A---- C:\windows\system32\webcheck.dll
2018-01-16 17:21:53 ----A---- C:\windows\system32\WcnApi.dll
2018-01-16 17:21:53 ----A---- C:\windows\system32\pnrpsvc.dll
2018-01-16 17:21:53 ----A---- C:\windows\system32\nlasvc.dll
2018-01-16 17:21:53 ----A---- C:\windows\system32\nlaapi.dll
2018-01-16 17:21:53 ----A---- C:\windows\system32\ncsi.dll
2018-01-16 17:21:53 ----A---- C:\windows\system32\msrating.dll
2018-01-16 17:21:53 ----A---- C:\windows\system32\KernelBase.dll
2018-01-16 17:21:53 ----A---- C:\windows\system32\icfupgd.dll
2018-01-16 17:21:53 ----A---- C:\windows\system32\FWPUCLNT.DLL
2018-01-16 17:21:53 ----A---- C:\windows\system32\fdWCN.dll
2018-01-16 17:21:53 ----A---- C:\windows\system32\dxtmsft.dll
2018-01-16 17:21:53 ----A---- C:\windows\system32\drivers\netbios.sys
2018-01-16 17:21:53 ----A---- C:\windows\system32\drivers\ndproxy.sys
2018-01-16 17:21:53 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2018-01-16 17:21:53 ----A---- C:\windows\system32\drivers\ksecdd.sys
2018-01-16 17:21:53 ----A---- C:\windows\system32\drivers\dfsc.sys
2018-01-16 17:21:53 ----A---- C:\windows\system32\consent.exe
2018-01-16 17:21:53 ----A---- C:\windows\system32\appinfo.dll
2018-01-16 17:21:52 ----A---- C:\windows\SYSWOW64\WcnApi.dll
2018-01-16 17:21:52 ----A---- C:\windows\SYSWOW64\sspicli.dll
2018-01-16 17:21:52 ----A---- C:\windows\SYSWOW64\rasdiag.dll
2018-01-16 17:21:52 ----A---- C:\windows\SYSWOW64\rascfg.dll
2018-01-16 17:21:52 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2018-01-16 17:21:52 ----A---- C:\windows\SYSWOW64\mscms.dll
2018-01-16 17:21:52 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2018-01-16 17:21:52 ----A---- C:\windows\SYSWOW64\fdWCN.dll
2018-01-16 17:21:52 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2018-01-16 17:21:52 ----A---- C:\windows\SYSWOW64\atmlib.dll
2018-01-16 17:21:52 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2018-01-16 17:21:52 ----A---- C:\windows\system32\wfapigp.dll
2018-01-16 17:21:52 ----A---- C:\windows\system32\rasdiag.dll
2018-01-16 17:21:52 ----A---- C:\windows\system32\rascfg.dll
2018-01-16 17:21:52 ----A---- C:\windows\system32\mscms.dll
2018-01-16 17:21:52 ----A---- C:\windows\system32\ieetwcollector.exe
2018-01-16 17:21:52 ----A---- C:\windows\system32\fontsub.dll
2018-01-16 17:21:52 ----A---- C:\windows\system32\drivers\srvnet.sys
2018-01-16 17:21:52 ----A---- C:\windows\system32\drivers\pacer.sys
2018-01-16 17:21:52 ----A---- C:\windows\system32\drivers\ndistapi.sys
2018-01-16 17:21:52 ----A---- C:\windows\system32\drivers\mpsdrv.sys
2018-01-16 17:21:52 ----A---- C:\windows\system32\drivers\appid.sys
2018-01-16 17:21:52 ----A---- C:\windows\system32\csrsrv.dll
2018-01-16 17:21:51 ----A---- C:\windows\SYSWOW64\winhttp.dll
2018-01-16 17:21:51 ----A---- C:\windows\SYSWOW64\wfapigp.dll
2018-01-16 17:21:51 ----A---- C:\windows\SYSWOW64\rasser.dll
2018-01-16 17:21:51 ----A---- C:\windows\SYSWOW64\rasmxs.dll
2018-01-16 17:21:51 ----A---- C:\windows\SYSWOW64\ncsi.dll
2018-01-16 17:21:51 ----A---- C:\windows\system32\WcnEapAuthProxy.dll
2018-01-16 17:21:51 ----A---- C:\windows\system32\traffic.dll
2018-01-16 17:21:51 ----A---- C:\windows\system32\rasser.dll
2018-01-16 17:21:51 ----A---- C:\windows\system32\rasmxs.dll
2018-01-16 17:21:51 ----A---- C:\windows\system32\dxtrans.dll
2018-01-16 17:21:51 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2018-01-16 17:21:50 ----A---- C:\windows\SYSWOW64\wshqos.dll
2018-01-16 17:21:50 ----A---- C:\windows\SYSWOW64\WcnEapPeerProxy.dll
2018-01-16 17:21:50 ----A---- C:\windows\SYSWOW64\WcnEapAuthProxy.dll
2018-01-16 17:21:50 ----A---- C:\windows\SYSWOW64\traffic.dll
2018-01-16 17:21:50 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2018-01-16 17:21:50 ----A---- C:\windows\system32\wshqos.dll
2018-01-16 17:21:50 ----A---- C:\windows\system32\wshnetbs.dll
2018-01-16 17:21:50 ----A---- C:\windows\system32\win32k.sys
2018-01-16 17:21:50 ----A---- C:\windows\system32\WcnEapPeerProxy.dll
2018-01-16 17:21:50 ----A---- C:\windows\system32\inseng.dll
2018-01-16 17:21:50 ----A---- C:\windows\system32\ie4uinit.exe
2018-01-16 17:21:50 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2018-01-16 17:21:49 ----A---- C:\windows\system32\rpchttp.dll
2018-01-16 17:21:48 ----A---- C:\windows\SYSWOW64\WcsPlugInService.dll
2018-01-16 17:21:48 ----A---- C:\windows\SYSWOW64\INETRES.dll
2018-01-16 17:21:48 ----A---- C:\windows\system32\WcsPlugInService.dll
2018-01-16 17:21:48 ----A---- C:\windows\system32\smss.exe
2018-01-16 17:21:48 ----A---- C:\windows\system32\schannel.dll
2018-01-16 17:21:48 ----A---- C:\windows\system32\kerberos.dll
2018-01-16 17:21:48 ----A---- C:\windows\system32\INETRES.dll
2018-01-16 17:21:48 ----A---- C:\windows\system32\ieetwproxystub.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\wdigest.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\srclient.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\schannel.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\occache.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\inseng.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\iesetup.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\iernonce.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\bcrypt.dll
2018-01-16 17:21:47 ----A---- C:\windows\SYSWOW64\appidapi.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\wow64cpu.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\winsrv.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\wdigest.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\TSpkg.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\sspisrv.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\sspicli.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\srclient.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\setbcdlocale.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\secur32.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\rstrui.exe
2018-01-16 17:21:47 ----A---- C:\windows\system32\occache.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\ntvdm64.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\ncrypt.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\msv1_0.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\mshtmled.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\MshtmlDac.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\lsass.exe
2018-01-16 17:21:47 ----A---- C:\windows\system32\lpk.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\jsproxy.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\ieUnatt.exe
2018-01-16 17:21:47 ----A---- C:\windows\system32\iesetup.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\iernonce.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\dciman32.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\cryptbase.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\credssp.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\conhost.exe
2018-01-16 17:21:47 ----A---- C:\windows\system32\bcrypt.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\appidsvc.dll
2018-01-16 17:21:47 ----A---- C:\windows\system32\appidapi.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-01-16 17:21:46 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-01-16 17:21:46 ----A---- C:\windows\SYSWOW64\wow32.dll
2018-01-16 17:21:46 ----A---- C:\windows\SYSWOW64\secur32.dll
2018-01-16 17:21:46 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2018-01-16 17:21:46 ----A---- C:\windows\SYSWOW64\lpk.dll
2018-01-16 17:21:46 ----A---- C:\windows\SYSWOW64\dciman32.dll
2018-01-16 17:21:46 ----A---- C:\windows\SYSWOW64\credssp.dll
2018-01-16 17:21:46 ----A---- C:\windows\SYSWOW64\comcat.dll
2018-01-16 17:21:46 ----A---- C:\windows\SYSWOW64\auditpol.exe
2018-01-16 17:21:46 ----A---- C:\windows\system32\comcat.dll
2018-01-16 17:21:46 ----A---- C:\windows\system32\auditpol.exe
2018-01-16 17:21:46 ----A---- C:\windows\system32\atmlib.dll
2018-01-16 17:21:46 ----A---- C:\windows\system32\appidpolicyconverter.exe
2018-01-16 17:21:46 ----A---- C:\windows\system32\appidcertstorecheck.exe
2018-01-16 17:21:45 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-01-16 17:21:45 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-01-16 17:21:45 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-01-16 17:21:45 ----A---- C:\windows\SYSWOW64\user.exe
2018-01-16 17:21:45 ----A---- C:\windows\SYSWOW64\instnm.exe
2018-01-16 17:21:45 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2018-01-16 17:21:45 ----A---- C:\windows\system32\apisetschema.dll
2018-01-16 17:21:45 ----A---- C:\windows\system32\adtschema.dll
2018-01-16 17:21:44 ----A---- C:\windows\SYSWOW64\oleres.dll
2018-01-16 17:21:44 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2018-01-16 17:21:44 ----A---- C:\windows\SYSWOW64\msobjs.dll
2018-01-16 17:21:44 ----A---- C:\windows\SYSWOW64\msaudite.dll
2018-01-16 17:21:44 ----A---- C:\windows\SYSWOW64\adtschema.dll
2018-01-16 17:21:44 ----A---- C:\windows\system32\oleres.dll
2018-01-16 17:21:44 ----A---- C:\windows\system32\msxml6r.dll
2018-01-16 17:21:44 ----A---- C:\windows\system32\msobjs.dll
2018-01-16 17:21:44 ----A---- C:\windows\system32\msaudite.dll
2018-01-16 17:21:44 ----A---- C:\windows\system32\ieetwcollectorres.dll
2018-01-14 09:59:01 ----D---- C:\windows\Minidump

====== List of files/folders modified in the last 1 month ======

2018-01-29 17:12:47 ----D---- C:\windows\Temp
2018-01-29 17:10:55 ----D---- C:\windows\System32
2018-01-29 17:10:55 ----D---- C:\windows\inf
2018-01-29 17:10:55 ----A---- C:\windows\system32\PerfStringBackup.INI
2018-01-29 17:06:58 ----A---- C:\windows\SYSWOW64\log.txt
2018-01-29 17:03:27 ----D---- C:\windows
2018-01-29 17:01:53 ----D---- C:\windows\system32\config
2018-01-28 22:12:35 ----D---- C:\windows\Tasks
2018-01-28 22:12:35 ----D---- C:\windows\SysWOW64
2018-01-28 22:12:35 ----D---- C:\windows\system32\wfp
2018-01-28 22:12:35 ----D---- C:\windows\system32\wbem
2018-01-28 22:12:35 ----D---- C:\windows\system32\DriverStore
2018-01-28 22:12:29 ----D---- C:\ProgramData\Port Locker
2018-01-28 22:12:26 ----D---- C:\windows\registration
2018-01-28 17:14:05 ----D---- C:\windows\Prefetch
2018-01-28 16:17:34 ----D---- C:\windows\Microsoft.NET
2018-01-28 16:01:40 ----SHD---- C:\System Volume Information
2018-01-28 15:39:38 ----D---- C:\windows\system32\Tasks
2018-01-28 15:19:06 ----HD---- C:\ProgramData
2018-01-28 15:10:25 ----D---- C:\windows\system32\drivers
2018-01-28 15:00:19 ----RD---- C:\Program Files
2018-01-28 14:34:01 ----RSD---- C:\windows\assembly
2018-01-28 14:12:15 ----D---- C:\windows\system32\catroot2
2018-01-28 13:34:03 ----D---- C:\windows\Downloaded Program Files
2018-01-28 13:31:38 ----RD---- C:\Program Files (x86)
2018-01-28 13:18:40 ----SHD---- C:\windows\Installer
2018-01-28 13:18:28 ----SHD---- C:\Config.Msi
2018-01-28 12:57:17 ----D---- C:\windows\SoftwareDistribution
2018-01-28 11:48:44 ----D---- C:\Users\Lenka\AppData\Roaming\GlarySoft
2018-01-27 23:37:11 ----D---- C:\Program Files\CCleaner
2018-01-27 23:33:45 ----D---- C:\Users\Lenka\AppData\Roaming\Seznam.cz
2018-01-27 23:33:00 ----D---- C:\Program Files (x86)\Seznam.cz
2018-01-27 23:27:48 ----D---- C:\windows\AppPatch
2018-01-27 23:27:39 ----RSD---- C:\windows\Fonts
2018-01-27 23:27:32 ----D---- C:\windows\schemas
2018-01-27 23:27:30 ----D---- C:\windows\system32\en-US
2018-01-27 23:27:30 ----D---- C:\windows\system32\drivers\en-US
2018-01-27 23:27:30 ----D---- C:\windows\system32\cs-CZ
2018-01-27 23:27:30 ----D---- C:\windows\system32\Boot
2018-01-27 23:27:29 ----D---- C:\windows\winsxs
2018-01-27 23:27:29 ----D---- C:\windows\SYSWOW64\wbem
2018-01-27 23:27:29 ----D---- C:\windows\SYSWOW64\cs-CZ
2018-01-27 20:16:40 ----D---- C:\ProgramData\GlarySoft
2018-01-27 19:43:35 ----D---- C:\windows\debug
2018-01-27 10:49:27 ----D---- C:\windows\system32\MRT
2018-01-27 10:46:04 ----AC---- C:\windows\system32\MRT-KB890830.exe
2018-01-27 10:45:29 ----AC---- C:\windows\system32\MRT.exe
2018-01-27 10:35:31 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2018-01-23 19:58:51 ----N---- C:\windows\system32\MpSigStub.exe
2018-01-21 11:06:22 ----D---- C:\Program Files\Internet Explorer
2018-01-21 11:06:22 ----D---- C:\Program Files (x86)\Internet Explorer
2018-01-21 11:06:21 ----D---- C:\windows\SYSWOW64\en-US
2018-01-21 11:06:21 ----D---- C:\windows\ehome
2018-01-21 11:06:17 ----D---- C:\windows\system32\migration
2018-01-16 17:04:39 ----D---- C:\ProgramData\Microsoft Help
2018-01-14 21:36:11 ----D---- C:\ProgramData\Norton
2018-01-14 21:36:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2018-01-14 18:36:36 ----D---- C:\windows\system32\CodeIntegrity
2018-01-14 12:13:46 ----D---- C:\NPE

File C:\windows\system32\winlogon.exe is digitally signed
File C:\windows\system32\wininit.exe is digitally signed
File C:\windows\explorer.exe is digitally signed
File C:\windows\SysWOW64\explorer.exe is digitally signed
File C:\windows\system32\svchost.exe is digitally signed
File C:\windows\SysWOW64\svchost.exe is digitally signed
File C:\windows\system32\services.exe is digitally signed
File C:\windows\system32\User32.dll is digitally signed
File C:\windows\SysWOW64\User32.dll is digitally signed
File C:\windows\system32\userinit.exe is digitally signed
File C:\windows\SysWOW64\userinit.exe is digitally signed
File C:\windows\system32\rpcss.dll is digitally signed
File C:\windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2011-09-14 57952]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2011-09-14 39008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-11-28 304472]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2011-09-14 13408]
R1 EgisTecFF;EgisTecFF; C:\windows\system32\DRIVERS\EgisTecFF.sys [2011-09-14 55880]
R1 GUBootStartup;GUBootStartup; \??\C:\windows\System32\drivers\GUBootStartup.sys [2017-04-17 20160]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2011-09-14 29792]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-11-24 2673664]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-09-15 80384]
R3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2011-02-15 349736]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2011-02-15 107560]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2011-02-15 138280]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2011-02-15 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2011-02-15 21416]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2010-12-24 31088]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-11-22 5363520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-11-22 3962840]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-11-22 454416]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2014-11-22 100312]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2014-11-22 331992]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2014-11-22 941784]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-11-22 33008]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-12-22 1407024]
R3 vm332avs;Lenovo Camera2; C:\windows\System32\Drivers\vm332avs.sys [2014-11-22 958800]
S2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys []
S3 athur;Wireless Network Adapter Service; C:\windows\system32\DRIVERS\athurx.sys [2014-05-23 1930240]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20170419.020\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20170419.020\EX64.SYS []
S3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2014-11-23 19456]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\windows\system32\DRIVERS\rtwlane.sys [2014-11-22 3300568]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2014-11-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2014-11-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 vm2uvcflt;Vimicro USB Camera Filter 2; C:\windows\System32\Drivers\vm2uvcflt.sys [2010-09-21 15056]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2011-02-15 956192]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 EgisTec Service Help;EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [2010-10-22 327024]
R2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [2017-03-02 189840]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 pccareamw_service;PCCare AM Service; C:\Program Files\PCCare Software\PCCare Anti-Malware\AmwService.exe [2016-07-19 125968]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-18 271448]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-11-22 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2017-12-29 116224]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-12-20 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[Rudy]

Zdravím!
Toto má pravděpodobně jiný důvod, než malware. Poškození systému takového rázu, že jej obnova systému neopraví, nebo poškození hardwaru. Podíváme se na disk. Stáhněte, nainstalujte a spusťte CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ a přes Úpravy>kopírovat sem dejte log.

[102mn]

----------------------------------------------------------------------------
CrystalDiskInfo 7.5.1 (C) 2008-2018 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2018/01/29 18:14:11

-- Controller Map ----------------------------------------------------------
+ Intel(R) Mobile Express Chipset SATA AHCI Controller [ATA]
- WDC WD3200BPVT-24ZEST0
- Slimtype DVD A DS8A5SH

-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BPVT-24ZEST0 : 320,0 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD3200BPVT-24ZEST0
----------------------------------------------------------------------------
Model : WDC WD3200BPVT-24ZEST0
Firmware : 02.01A02
Serial Number : WD-WXB1A6198032
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 2913 hod.
Power On Count : 2639 krát
Temperature : 40 C (104 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 153 150 _21 00000000052D Čas na roztočení ploten
04 _98 _98 __0 000000000B3C Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _97 _97 __0 000000000B61 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000A4F Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000058 Počet vypnutí disku
C1 180 180 __0 00000000F60A Počet cyklů načítání/vymazání
C2 103 _96 __0 000000000028 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4231 4136 3139 3830 3332
020: 0000 4000 0032 3032 2E30 3141 3032 5744 4320 5744
030: 3332 3030 4250 5654 2D32 345A 4553 5430 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0001 003F BFC1 000F 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F06 0000 004C 004C
080: 01FE 0000 746B 7D09 6123 7469 BC09 6123 407F 0027
090: 0027 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 6003 0000 5001 4EE6
110: 0179 508A 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 16FE 011F 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 C4A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 99 96 2D 05 00 00 00 00 00 04 32 00 62 62 3C
020: 0B 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 61 61 61 0B 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 4F 0A 00 00 00 00 00 C0 32
070: 00 C8 C8 58 00 00 00 00 00 00 C1 32 00 B4 B4 0A
080: F6 00 00 00 00 00 C2 22 00 67 60 28 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 64 FD 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 78 1E 01 7B
170: 03 00 01 00 02 5D 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 67

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9D

[Rudy]

V disku ten problém nebude, je OK. Máte nainstalovány všechny ovladače herdwaru?

[102mn]

Vypadá to, že ano. Pouze u síťových adaptérů je nějaký problém (Microsoft 6to4 Adapter, ISATAP Adapter, Teredo Tunneling Pseudo-Interface.

[Rudy]

Ono jich klidně může být více. Jde o to, zda u některého nesvívtí chyba. Pokud tomu tak není, pak zkuste Startmenu>přík. řádek>(napsat) sfc /scannow>Enter. Spustí se sken a příp. oprava systémových souborů. Po akci restartujte PC.

[102mn]

Pouze u těch tří co jsem Vám psala je výstražný trojúhelník a napsáno "Toto zařízené nelze spustit. (Kód 10)".

[Rudy]

Sken sfc /scannow spusťte v každém případě a pokuste se doinstalovat ovladače k těm adaptérům.

[102mn]

Po provedení scanu k žádnému narušení integrity nedošlo. Zrestartovala jsem PC, až po pátém restartu jsem se opět dostala do PC.
Ještě se pokusím nainstalovat ty ovladače.

[102mn]

Provedla jsem aktualizace ovladačů, ale system hlásil, že jsou již aktuální a chyba je u nich stále.

[Rudy]

Budete je tedy muset stáhnout webu výrobce hardwaru ručně a nainstalovat.

[102mn]

A mají tyto ovladače nějaký vliv na tento můj problém. Ty ovladače jsou takhle s chybou již několik let.

[Rudy]

Mohou a nemusí. Pokud to fungovalo i bez nich, je pravděpodobné, že problém je někde jinde. Zkuste tedy opravu systému pomocí Windows repair: http://www.stahuj.centrum.cz/utility_a_ ... ws-repair/ .

[102mn]

Opravu systému jsem provedla, ale nevím zda správně. Teď netuším jak dál pokračovat. Na záložce "getting started" jsem zmáčkla tlačítko "Jump To Repairs" a provedla se oprava asi 43 kroků. V programu jsou ještě další záložky: krok 1 až 4, ale nevím zda a jak je mám spustit, pokud se mají provést.

[Rudy]

Nevím, co je to knkrétně za kroky. Vyzkoušejte, jak se systém chová nyní.