VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o preventivku

https://forum.viry.cz:443/viewtopic.php?t=154377

Stránka 1 z 1

Prosím o preventivku

Napsal: 11 čer 2018 15:55
od Filis
Díky za kontrolu:

Logfile of random's system information tool 1.10 (written by random/random)
Run by User at 2018-06-11 16:52:26
Microsoft Windows 8.1
System drive C: has 180 GB (19%) free of 937 GB
Total RAM: 8090 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:52:29, on 11. 6. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Lenovo\onelinkpromgn.exe
C:\Program Files (x86)\Integrated Camera\Monitor.exe
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13-comm.msn.com/?pc=LNJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Integrated Camera_Monitor] "C:\Program Files (x86)\Integrated Camera\monitor.exe"
O4 - HKLM\..\Run: [Fastboot] "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
O4 - Global Startup: ThinkPad OneLink Dock Management.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem2.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lnvDiscoveryWinSvc - Lenovo - C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
O23 - Service: Lenovo Settings Mobile Hotspot Service (LnvHotSpotSvc) - Lenovo - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OKI OKHC DCS Loader - Oki Data Corporation - C:\windows\system32\spool\DRIVERS\x64\3\OKHCLDCS.EXE
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @oem22.inf,%WBFService_SvcDesc%;Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14218 bytes

======Listing Processes======





wininit.exe


C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\ibmpmsvc.exe
"C:\windows\system32\nvvsvc.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe"
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\windows\system32\valWBFPolicyService.exe
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"

"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
taskhost.exe $(Arg0)
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
dashost.exe {d1ba540c-66bc-441d-b318be98e4589614}
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-28d9b471-ee73-4cd3-b8b1-473ac6b306d7 -SystemEventPortName:HostProcess-41d44c68-aaf1-4cb5-ae2d-26c32131bc14 -IoCancelEventPortName:HostProcess-29e78aa3-d761-4220-b00e-61bc8de156d5 -NonStateChangingEventPortName:HostProcess-01f8ad6c-f4fd-4e09-8b04-d5778bc0f734 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7720c86b-5bae-4e44-b4c1-253acf6a06e7 -DeviceGroupId:
C:\windows\system32\WLANExt.exe 43038546896
\??\C:\windows\system32\conhost.exe 0x4
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5f2003ba-bd74-47dc-86db-c3eb51b76c33 -SystemEventPortName:HostProcess-9daa8b92-941c-468b-9dac-821ff6e82c6d -IoCancelEventPortName:HostProcess-20059cd3-7051-4330-affd-d6d527384030 -NonStateChangingEventPortName:HostProcess-fb628d49-8c2c-4cad-b887-ea7017a7688b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7837f8a3-b49e-4bb5-b4e6-e7cbf3ead4c9 -DeviceGroupId:WudfDefaultDevicePool
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ce15c1da-e99a-4e71-bf56-546c9fa78266 -SystemEventPortName:HostProcess-cd7261cf-3add-451e-a041-ce27b2528515 -IoCancelEventPortName:HostProcess-af5f0c54-5f5b-48f5-9c55-fe0cdacb1d88 -NonStateChangingEventPortName:HostProcess-273061c7-dfe6-467c-a0f9-3e0d01816033 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fe00c13e-819f-4017-a569-f7573f579a42 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a14a9d1f-b1cc-451a-a82f-92619cc68ac6 -SystemEventPortName:HostProcess-f12fcce0-4a2f-4d84-a899-da823a2c767e -IoCancelEventPortName:HostProcess-1c29a72c-41f7-49e8-b44d-39542ceffe2b -NonStateChangingEventPortName:HostProcess-0b5d7207-2ad1-48e1-8e3d-26d6f3ce0c3e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:db0c5415-b1ab-4123-afcf-e2f868521a4a -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-790ab72d-f83e-41eb-bc09-0ca1cc7f3ee2 -SystemEventPortName:HostProcess-7818bd54-45ba-499d-97f5-d346d87398d9 -IoCancelEventPortName:HostProcess-e5b22865-7db9-4577-8841-7af72eee7759 -NonStateChangingEventPortName:HostProcess-83a8813f-13d3-4831-b5b9-70708e6fe332 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:15eae933-87a6-43af-939e-faa32c09665d -DeviceGroupId:
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskhost.exe
C:\windows\system32\DllHost.exe /Processid:{133EAC4F-5891-4D04-BADA-D84870380A80}
C:\windows\system32\svchost.exe -k imgsvc

C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session
C:\windows\system32\PrintIsolationHost.exe -Embedding
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe"
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
"C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe"
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe"
\??\C:\windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\Explorer.EXE
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
C:\Windows\System32\skydrive.exe -Embedding
taskhostex.exe
C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.MediaKey
C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\windows\system32\wuauclt.exe"
"C:\windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
C:\windows\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Lenovo\HOTKEY\extapsup.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe"
"C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe"
"C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe" /RunWithOS
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Program Files (x86)\Lenovo\onelinkpromgn.exe" 1.08.22
"C:\Program Files (x86)\Integrated Camera\Monitor.exe"
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
"C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE" /TrayOnly
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
AvastUI.exe /nogui
C:\windows\system32\PrintIsolationHost.exe -Embedding
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
taskeng.exe {1A5D452D-09D7-4D26-B396-FCB06DC57E61}

C:\windows\system32\svchost.exe -k defragsvc
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3609408744-3582206182-4132503271-1002480_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3609408744-3582206182-4132503271-1002480 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\windows\system32\SearchFilterHost.exe" 0 552 568 580 65536 576
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\User\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=66.0.3359.181 --initial-client-data=0x11c,0x120,0x124,0x118,0x128,0x7ff8fe433218,0x7ff8fe433228,0x7ff8fe433238
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=13176 --on-initialized-event-handle=500 --parent-handle=504 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=150459BCBBFA4621059AB3CA00C75783 --mojo-platform-channel-handle=1500 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=C49077DB3C41D850DD9C200858FC7BDA --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=C49077DB3C41D850DD9C200858FC7BDA --renderer-client-id=3 --mojo-platform-channel-handle=1744 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=0BE9A9EDF7BA195A8DBCB636CC494A50 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=0BE9A9EDF7BA195A8DBCB636CC494A50 --renderer-client-id=4 --mojo-platform-channel-handle=2584 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=8B5A16FFBA95455610478E894BBFA02C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=8B5A16FFBA95455610478E894BBFA02C --renderer-client-id=27 --mojo-platform-channel-handle=5328 /prefetch:1
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe481_ Global\UsGthrCtrlFltPipeMssGthrPipe481 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=C9D7134DCEC612B91AE4F09CECC09ED4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=C9D7134DCEC612B91AE4F09CECC09ED4 --renderer-client-id=6 --mojo-platform-channel-handle=7928 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=A369C21C236A0625346C31DBECB3A055 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=A369C21C236A0625346C31DBECB3A055 --renderer-client-id=20 --mojo-platform-channel-handle=8252 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=84BA340EF01F8B0E84061996C6D3A9A6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=84BA340EF01F8B0E84061996C6D3A9A6 --renderer-client-id=8 --mojo-platform-channel-handle=8524 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=26EE105BBAC7C51A81408ADF9E67EFEC --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=26EE105BBAC7C51A81408ADF9E67EFEC --renderer-client-id=7 --mojo-platform-channel-handle=8688 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=F30D4A9817BC68D6FDB529D13F00AE80 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=F30D4A9817BC68D6FDB529D13F00AE80 --renderer-client-id=26 --mojo-platform-channel-handle=8940 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=8B9BC7DD8AD881784022C979B7EC3722 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=8B9BC7DD8AD881784022C979B7EC3722 --renderer-client-id=29 --mojo-platform-channel-handle=9144 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=2F296E929272105B13CF70E64A0FB7EA --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=2F296E929272105B13CF70E64A0FB7EA --renderer-client-id=21 --mojo-platform-channel-handle=6736 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --ppapi-flash-args --lang=cs --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --service-request-channel-token=50463C05B4F41946BB7E654D16349ECF --mojo-platform-channel-handle=9292 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=BCF724AB031ECC18D7A121165F71F5A1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=BCF724AB031ECC18D7A121165F71F5A1 --renderer-client-id=22 --mojo-platform-channel-handle=9588 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=44BC5EB8532673DC9C970696AD15FCEE --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=44BC5EB8532673DC9C970696AD15FCEE --renderer-client-id=23 --mojo-platform-channel-handle=7432 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=0DE9B5D8DEF3B1C0B060B6E7A641D21B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=0DE9B5D8DEF3B1C0B060B6E7A641D21B --renderer-client-id=24 --mojo-platform-channel-handle=1888 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=FCF50395EA44F565CCBAA39BECB1F7C3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=FCF50395EA44F565CCBAA39BECB1F7C3 --renderer-client-id=9 --mojo-platform-channel-handle=10004 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=99E7DB382E5CDDCE76576001B3B7E851 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=99E7DB382E5CDDCE76576001B3B7E851 --renderer-client-id=10 --mojo-platform-channel-handle=11916 /prefetch:1

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=662BAB2080EF6199F9D25E464FE8EAC4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=662BAB2080EF6199F9D25E464FE8EAC4 --renderer-client-id=11 --mojo-platform-channel-handle=12440 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=86F5AC82EFFC397F43365AB60A4CF3BA --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=86F5AC82EFFC397F43365AB60A4CF3BA --renderer-client-id=15 --mojo-platform-channel-handle=12940 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=5C65295182688C11CAB35A6B98046539 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=5C65295182688C11CAB35A6B98046539 --renderer-client-id=16 --mojo-platform-channel-handle=10664 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=524693A24B4120D3DD1525B79AC85BA3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=524693A24B4120D3DD1525B79AC85BA3 --renderer-client-id=17 --mojo-platform-channel-handle=12512 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=D4E4DEBD2950602CEDFF98924B48A784 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=D4E4DEBD2950602CEDFF98924B48A784 --renderer-client-id=31 --mojo-platform-channel-handle=13756 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=B380B74B3DDD66A44A6A1A2DB2F50BC0 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=B380B74B3DDD66A44A6A1A2DB2F50BC0 --renderer-client-id=14 --mojo-platform-channel-handle=10620 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=B5AA30DE0FB03BB14D8E14150337F6F5 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=B5AA30DE0FB03BB14D8E14150337F6F5 --renderer-client-id=25 --mojo-platform-channel-handle=14812 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=6AF355C083EADCFE67FAB0CAF9F8E18E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=6AF355C083EADCFE67FAB0CAF9F8E18E --renderer-client-id=18 --mojo-platform-channel-handle=14652 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=F1B30C2A1E325047B101E38440506043 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=F1B30C2A1E325047B101E38440506043 --renderer-client-id=19 --mojo-platform-channel-handle=11224 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=C2C5E7EC7883C32E99BC3A77713CC1C6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=C2C5E7EC7883C32E99BC3A77713CC1C6 --renderer-client-id=13 --mojo-platform-channel-handle=15800 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1484,10641794673312291972,16821941065272123506,131072 --service-pipe-token=8634246F24BFE2ED633F31774A3578EC --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=8634246F24BFE2ED633F31774A3578EC --renderer-client-id=12 --mojo-platform-channel-handle=16276 /prefetch:1
"C:\Users\User\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-05-27 229040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-02-18 573504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-05-17 958328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-27 2353944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-18 236608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-05-17 820672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2013-12-09 391152]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2013-12-09 771056]
"Persistence"=C:\windows\system32\igfxpers.exe [2013-12-09 770032]
"LenovoOptMouseUpdate"=C:\Program Files\Lenovo\HOTKEY\extapsup.exe [2013-06-21 255480]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2013-10-21 280576]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2013-08-15 670960]
"LnvMobHotspotClient"=C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [2015-02-20 939976]
"LMCSSTART1"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2016-04-12 35856]
"LMCSSTART2"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2016-04-12 35856]
"LMCSSTART3"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2016-04-12 35856]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-05-17 242904]
"Network Configuration"=c:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [2012-08-27 725280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-05-24 18364648]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2015-09-02 721504]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [2012-08-17 3345408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Integrated Camera_Monitor"=C:\Program Files (x86)\Integrated Camera\monitor.exe [2013-07-26 1720184]
"Fastboot"=C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [2014-08-19 750320]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19 587800]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ThinkPad OneLink Dock Management.lnk - C:\Program Files (x86)\Lenovo\onelinkpromgn.exe

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft SharePoint Workspace.lnk - C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2013-11-28 624640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-06-11 16:52:26 ----D---- C:\Program Files\trend micro
2018-06-10 15:15:02 ----A---- C:\Users\User\AppData\Roaming\Opusbext.dat
2018-05-27 20:59:00 ----D---- C:\MagicPlusMini
2018-05-17 19:46:30 ----A---- C:\windows\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2018-06-11 16:52:26 ----RD---- C:\Program Files
2018-06-11 16:51:37 ----D---- C:\windows\Prefetch
2018-06-11 16:46:03 ----D---- C:\windows\SoftwareDistribution
2018-06-11 16:46:03 ----D---- C:\windows\Inf
2018-06-11 16:46:03 ----D---- C:\Windows
2018-06-11 16:46:02 ----D---- C:\windows\Temp
2018-06-11 16:45:08 ----D---- C:\windows\system32\Tasks
2018-06-11 16:15:54 ----D---- C:\windows\system32\sru
2018-06-11 06:02:51 ----RD---- C:\windows\System32
2018-06-11 06:02:51 ----A---- C:\windows\system32\PerfStringBackup.INI
2018-06-10 20:35:21 ----SHD---- C:\System Volume Information
2018-06-10 15:15:24 ----SHD---- C:\windows\Installer
2018-06-10 15:15:23 ----D---- C:\windows\SysWOW64
2018-06-10 15:12:36 ----D---- C:\windows\system32\catroot
2018-06-10 15:12:35 ----D---- C:\windows\system32\DriverStore
2018-06-10 15:07:31 ----SD---- C:\ProgramData\Microsoft
2018-06-09 01:56:51 ----D---- C:\windows\Microsoft.NET
2018-05-27 20:07:33 ----D---- C:\windows\system32\drivers
2018-05-27 10:06:23 ----RSD---- C:\windows\assembly
2018-05-27 10:06:21 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-05-27 10:06:11 ----D---- C:\ProgramData\Microsoft Help
2018-05-27 10:05:08 ----D---- C:\Program Files\Microsoft Office 15
2018-05-25 13:08:35 ----D---- C:\ProgramData\Synaptics
2018-05-24 15:44:21 ----D---- C:\Users\User\AppData\Roaming\XnView
2018-05-24 15:43:26 ----D---- C:\windows\Minidump
2018-05-24 15:42:29 ----D---- C:\F
2018-05-24 15:36:42 ----D---- C:\windows\system32\config
2018-05-23 01:44:34 ----RD---- C:\Program Files (x86)
2018-05-22 22:23:27 ----D---- C:\Users\User\AppData\Roaming\Nitro PDF
2018-05-16 12:20:19 ----D---- C:\windows\system32\NDF
2018-05-13 23:25:57 ----D---- C:\windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\windows\system32\drivers\aswbidsha.sys [2018-03-05 199440]
R0 aswblog;aswblog; C:\windows\system32\drivers\aswbloga.sys [2018-03-05 343752]
R0 aswbuniv;aswbuniv; C:\windows\system32\drivers\aswbuniva.sys [2018-03-05 57680]
R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2018-05-17 85968]
R0 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2018-05-17 381552]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2013-08-29 644968]
R0 IntelHSWPcc;IntelHSWPcc; C:\windows\System32\drivers\IntelPcc.sys [2013-07-03 74344]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-11-01 32544]
R1 aswArPot;aswArPot; C:\windows\system32\drivers\aswArPot.sys [2018-05-17 196640]
R1 aswbidsdriver;aswbidsdriver; C:\windows\system32\drivers\aswbidsdrivera.sys [2018-03-05 227504]
R1 aswHdsKe;aswHdsKe; C:\windows\system32\drivers\aswHdsKe.sys [2018-05-17 234560]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2018-05-17 111360]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2018-05-17 1027720]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2018-05-17 460520]
R1 SMIDriver;SMIDriver; C:\windows\system32\drivers\smi.sys [2015-12-02 19664]
R1 TPPWRIF;TPPWRIF; C:\windows\System32\drivers\Tppwr64v.sys [2016-04-14 29008]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2018-05-17 159120]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2018-05-17 205976]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 Fastboot;Fastboot; C:\windows\System32\DRIVERS\fastboot.sys [2014-08-19 65928]
R3 IBMPMDRV;IBMPMDRV; C:\windows\system32\DRIVERS\ibmpmdrv.sys [2013-11-08 54528]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2013-11-28 4209152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2013-09-25 3667416]
R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2013-10-29 27032]
R3 LnvHIDHW;@oem38.inf,%LnvHIDHW%;Lenovo HID Mini-driver for Hardware Radio Switch; C:\windows\System32\drivers\LnvHIDHW.sys [2014-04-07 29496]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2016-03-10 27008]
R3 MEIx64;@oem23.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2013-11-01 11311392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RtkBtFilter;@oem18.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\windows\system32\DRIVERS\RtkBtfilter.sys [2013-11-19 555224]
R3 RTL8168;@oem16.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-06-22 816344]
R3 RTWlanE;@oem17.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\windows\system32\DRIVERS\rtwlane.sys [2013-08-21 2944216]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-15 34544]
R3 SPUVCbv;@oem14.inf,%SPUVCb.ServiceName%;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2013-09-05 1509880]
R3 SynTP;@oem32.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-08-15 527600]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys [2015-08-10 82072]
S3 aswHwid;aswHwid; C:\windows\system32\drivers\aswHwid.sys [2018-05-17 46968]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dot4;@oem35.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem36.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem35.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2013-10-29 39320]
S3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2013-11-28 449496]
S3 ldiagio_uefi;ldiagio; \??\C:\Program Files\Lenovo\Lenovo Solution Center\App\ldiag\x64\ldiagio_uefi.sys [2015-12-22 25248]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2016-09-01 192216]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2016-03-10 65408]
S3 NETwNe64;@netwew00.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew00.sys [2013-07-08 3344352]
S3 RSUSBSTOR;@oem31.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2013-07-09 263896]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2014-08-19 121088]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-05-17 317280]
R2 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2016-04-12 566288]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2013-11-07 66560]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2017-12-12 3058392]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 FastbootService;FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2014-08-19 140016]
R2 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-23 43696]
R2 IBMPMSVC;@oem2.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\windows\system32\ibmpmsvc.exe [2013-11-08 66856]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-04 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2015-09-25 2023592]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-11 136288]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 lnvDiscoveryWinSvc;lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [2014-02-22 22576]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2015-05-12 469720]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-07-26 230416]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-10-29 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-11-01 1364256]
R2 PSI_SVC_2;Corel License Validation Service V2, Powered by arvato; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2014-04-30 277360]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-01-31 124976]
R2 valWBFPolicyService;@oem22.inf,%WBFService_SvcDesc%;Validity WBF Policy Service; C:\windows\system32\valWBFPolicyService.exe [2015-12-06 88400]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-05-17 7620096]
R3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-04-10 160960]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2016-04-14 1668776]
R3 QuickControlService;Lenovo QuickControl Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [2014-02-12 322608]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-04 164984]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-01 107848]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
S2 QuickControlMasterSvc;Lenovo QuickControl Master Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [2014-02-12 59440]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-04 164984]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2013-12-09 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-01 107848]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-04-23 532224]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2016-04-12 461840]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2016-04-12 459280]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2016-04-12 631312]
S3 LnvHotSpotSvc;Lenovo Settings Mobile Hotspot Service; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [2015-03-23 480712]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2016-06-02 273232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 OKI OKHC DCS Loader;OKI OKHC DCS Loader; C:\windows\system32\spool\DRIVERS\x64\3\OKHCLDCS.EXE [2009-03-05 20480]
S4 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-01-31 110640]

-----------------EOF-----------------

Re: Prosím o preventivku

Napsal: 12 čer 2018 17:16
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Prosím o preventivku

Napsal: 12 čer 2018 17:31
od Filis
# -------------------------------
# Malwarebytes AdwCleaner 7.2.0.0
# -------------------------------
# Build: 06-05-2018
# Database: 2018-06-11.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-12-2018
# Duration: 00:00:04
# OS: Windows 8.1
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted OnlineMapFinder

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1249 octets] - [12/06/2018 18:27:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Prosím o preventivku

Napsal: 12 čer 2018 18:00
od Rudy
Toto je OK. Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

Re: Prosím o preventivku

Napsal: 12 čer 2018 21:07
od Filis
Logfile of random's system information tool 1.10 (written by random/random)
Run by User at 2018-06-12 22:07:23
Microsoft Windows 8.1
System drive C: has 180 GB (19%) free of 937 GB
Total RAM: 8090 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:07:25, on 12. 6. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
C:\Program Files (x86)\Lenovo\onelinkpromgn.exe
C:\Program Files (x86)\Integrated Camera\Monitor.exe
C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13-comm.msn.com/?pc=LNJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Integrated Camera_Monitor] "C:\Program Files (x86)\Integrated Camera\monitor.exe"
O4 - HKLM\..\Run: [Fastboot] "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
O4 - Global Startup: ThinkPad OneLink Dock Management.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem2.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lnvDiscoveryWinSvc - Lenovo - C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
O23 - Service: Lenovo Settings Mobile Hotspot Service (LnvHotSpotSvc) - Lenovo - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OKI OKHC DCS Loader - Oki Data Corporation - C:\windows\system32\spool\DRIVERS\x64\3\OKHCLDCS.EXE
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @oem22.inf,%WBFService_SvcDesc%;Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14035 bytes

======Listing Processes======





wininit.exe

winlogon.exe


C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\system32\ibmpmsvc.exe
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7826f18e-5aa8-4a41-9633-154d8628ea11 -SystemEventPortName:HostProcess-0c65737c-c810-4c23-bc39-708f95ccaa50 -IoCancelEventPortName:HostProcess-7108f733-4df8-44ce-a2e1-93131e1085aa -NonStateChangingEventPortName:HostProcess-2bf2ed02-5f72-47fd-a0db-31c88e4d05a5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ededb70c-fe36-40a6-a3d1-2250e929f7f2 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1cc54832-76c9-47dc-b8bc-b350b9825cbc -SystemEventPortName:HostProcess-b1967143-64ec-43ac-9913-697fd0d14542 -IoCancelEventPortName:HostProcess-2e5dad6a-f259-4551-bba7-1749391c78d1 -NonStateChangingEventPortName:HostProcess-4fa7d3ac-a5d8-4641-80c1-aebf72297f1d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cb3851b4-eb40-40c4-a4d7-227bde4b7cd2 -DeviceGroupId:WudfDefaultDevicePool
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8aab7334-8724-47fb-bc8d-a5f275b36e8c -SystemEventPortName:HostProcess-75f2bcef-7b5a-489e-9e85-129c097cf02b -IoCancelEventPortName:HostProcess-bed1cd8d-7ac6-4452-84aa-f00a88f11431 -NonStateChangingEventPortName:HostProcess-150854d9-8b93-4584-aac8-bf86d05d2412 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8f0be560-f4b4-43b2-a60d-981cb31c1286 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9b6a3197-d709-49e9-a14f-ecee8696c24c -SystemEventPortName:HostProcess-8f96d08b-5329-40a9-af70-c8f4792a88d0 -IoCancelEventPortName:HostProcess-d0211ea5-559b-448b-bb15-2415617ae984 -NonStateChangingEventPortName:HostProcess-f871b868-189f-4945-aeb4-8f2c9e0fdb40 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e31a8d6f-ae0f-43e0-8666-0f9345cc11e6 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6dc086f2-039c-4e27-8239-2a4beffc38be -SystemEventPortName:HostProcess-e3def93c-6d63-467b-8bd3-e13b3d040c46 -IoCancelEventPortName:HostProcess-dd1f6ff1-294e-4aa7-87d2-2e37f0427da2 -NonStateChangingEventPortName:HostProcess-470f3fc5-ab62-430c-93b1-6f609a79b3b9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e9e6f4dc-510f-45e7-a855-c828c59d3d15 -DeviceGroupId:
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 553277855856
\??\C:\windows\system32\conhost.exe 0x4

C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskhostex.exe
"C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe"
dashost.exe {5528ef07-b2f7-4a74-94a4be02ec1e92b1}
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\windows\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
"C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe"
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\valWBFPolicyService.exe
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\windows\system32\PrintIsolationHost.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.MediaKey
C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe"
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
"C:\windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Lenovo\HOTKEY\extapsup.exe"
"C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe"
"C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe"
"C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe" /RunWithOS
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
"C:\Program Files (x86)\Lenovo\onelinkpromgn.exe" 1.08.22
"C:\Program Files (x86)\Integrated Camera\Monitor.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE" /TrayOnly
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
AvastUI.exe /nogui

"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\User\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=66.0.3359.181 --initial-client-data=0x11c,0x120,0x124,0x118,0x128,0x7ffd45ca3218,0x7ffd45ca3228,0x7ffd45ca3238
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2540 --on-initialized-event-handle=484 --parent-handle=488 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=BC40AF09B92EDD0B8B19D7959A386219 --mojo-platform-channel-handle=1436 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=AEE1FB1F839C6076FA0F4C72614F7CDB --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=AEE1FB1F839C6076FA0F4C72614F7CDB --renderer-client-id=3 --mojo-platform-channel-handle=2236 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=3F8DE1C6CD586AA93B8E2B7CD712130A --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=3F8DE1C6CD586AA93B8E2B7CD712130A --renderer-client-id=4 --mojo-platform-channel-handle=2448 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=FBB2A2B1CBB93D135026A0587CCDCB14 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=FBB2A2B1CBB93D135026A0587CCDCB14 --renderer-client-id=32 --mojo-platform-channel-handle=2800 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=33589AB2998ADD854461661305A7AF4D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=33589AB2998ADD854461661305A7AF4D --renderer-client-id=33 --mojo-platform-channel-handle=4540 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=628494B310EE8B1CF90E8CE272EF6235 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=628494B310EE8B1CF90E8CE272EF6235 --renderer-client-id=31 --mojo-platform-channel-handle=4488 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=D5C8B183140163DC5F884D2A5EBDBCDF --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=D5C8B183140163DC5F884D2A5EBDBCDF --renderer-client-id=30 --mojo-platform-channel-handle=5064 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=783E4B2D8CA454D34906EE4EB2F84321 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=783E4B2D8CA454D34906EE4EB2F84321 --renderer-client-id=6 --mojo-platform-channel-handle=5208 /prefetch:1
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
\??\C:\windows\system32\conhost.exe 0x4
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=D584CAB394DDBCEA52127662972DA3B3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=D584CAB394DDBCEA52127662972DA3B3 --renderer-client-id=28 --mojo-platform-channel-handle=5632 /prefetch:1
"C:\windows\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=BCF1321D70CEBD75275157582841207A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=BCF1321D70CEBD75275157582841207A --renderer-client-id=27 --mojo-platform-channel-handle=6028 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=384534D7DDDD9F0E44BAC41A8915DDF3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=384534D7DDDD9F0E44BAC41A8915DDF3 --renderer-client-id=29 --mojo-platform-channel-handle=6692 /prefetch:1
"C:\windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=E0DBCB4882E691550133DC5F0A6DECD1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=E0DBCB4882E691550133DC5F0A6DECD1 --renderer-client-id=22 --mojo-platform-channel-handle=656 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=248F35A5C8DBC15C17CFB858C1B45886 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=248F35A5C8DBC15C17CFB858C1B45886 --renderer-client-id=21 --mojo-platform-channel-handle=7864 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=8CB4A499784F2318999B3ACA66F59710 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=8CB4A499784F2318999B3ACA66F59710 --renderer-client-id=26 --mojo-platform-channel-handle=8344 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=2FB4492AE44498A4A1F77D72E7149B99 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=2FB4492AE44498A4A1F77D72E7149B99 --renderer-client-id=25 --mojo-platform-channel-handle=4368 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=EA11D5BBA618F4F241EFEFF3AB24D851 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=EA11D5BBA618F4F241EFEFF3AB24D851 --renderer-client-id=8 --mojo-platform-channel-handle=7656 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=D19B3E67B908D6732CE4CD09F084147E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=D19B3E67B908D6732CE4CD09F084147E --renderer-client-id=7 --mojo-platform-channel-handle=8972 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=CEF4D998699C5FB72A336E6BBD93AE29 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=CEF4D998699C5FB72A336E6BBD93AE29 --renderer-client-id=20 --mojo-platform-channel-handle=9160 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=C3AE6F10251FB05B5789C800FA870C10 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=C3AE6F10251FB05B5789C800FA870C10 --renderer-client-id=23 --mojo-platform-channel-handle=9792 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=CE92051C74E516869F702AB391965835 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=CE92051C74E516869F702AB391965835 --renderer-client-id=35 --mojo-platform-channel-handle=9756 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --ppapi-flash-args --lang=cs --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --service-request-channel-token=3D8AAAB446B292FF69F440174752979B --mojo-platform-channel-handle=10364 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=3A83761C9F0AEB449DF4EBBB8854886D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=3A83761C9F0AEB449DF4EBBB8854886D --renderer-client-id=9 --mojo-platform-channel-handle=10716 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=7D619350487E5B89D4B21FBE37B2D26D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=7D619350487E5B89D4B21FBE37B2D26D --renderer-client-id=10 --mojo-platform-channel-handle=11552 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=B0807A58E50CA788159F452B7E53B6D2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=B0807A58E50CA788159F452B7E53B6D2 --renderer-client-id=11 --mojo-platform-channel-handle=11816 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=E73E6AD0C048087B3A3D29976AF710BD --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=E73E6AD0C048087B3A3D29976AF710BD --renderer-client-id=15 --mojo-platform-channel-handle=12260 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=0A51A7632FBE48CE721C3FF5743F38C2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=0A51A7632FBE48CE721C3FF5743F38C2 --renderer-client-id=16 --mojo-platform-channel-handle=10664 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=066E9B1D378E58D6E15D02599EB3C948 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=066E9B1D378E58D6E15D02599EB3C948 --renderer-client-id=17 --mojo-platform-channel-handle=13016 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=6E1075D90BE430790C2807A9282DC263 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=6E1075D90BE430790C2807A9282DC263 --renderer-client-id=38 --mojo-platform-channel-handle=8452 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=AC6278C1A992FFF07701731F93B4D88E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=AC6278C1A992FFF07701731F93B4D88E --renderer-client-id=14 --mojo-platform-channel-handle=13940 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=CD8BC3FA087AA3364AE1592422463B7B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=CD8BC3FA087AA3364AE1592422463B7B --renderer-client-id=24 --mojo-platform-channel-handle=14220 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=3F2C1B7DB15BDC7651DCFB5658132F64 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=3F2C1B7DB15BDC7651DCFB5658132F64 --renderer-client-id=18 --mojo-platform-channel-handle=11200 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=05920D2A770772D688308046BD9B052F --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=05920D2A770772D688308046BD9B052F --renderer-client-id=19 --mojo-platform-channel-handle=15700 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=B5B22CAB5C5FE5734F915CD02D4FDE81 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=B5B22CAB5C5FE5734F915CD02D4FDE81 --renderer-client-id=13 --mojo-platform-channel-handle=16360 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1424,11670004225012815361,11183868526494512729,131072 --service-pipe-token=FFC0D0241DBBAEB572396175077B90FC --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=FFC0D0241DBBAEB572396175077B90FC --renderer-client-id=12 --mojo-platform-channel-handle=11968 /prefetch:1
wmiadap.exe /F /T /R

C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\User\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-05-27 229040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-02-18 573504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-05-17 958328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-27 2353944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-18 236608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-05-17 820672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2013-12-09 391152]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2013-12-09 771056]
"Persistence"=C:\windows\system32\igfxpers.exe [2013-12-09 770032]
"LenovoOptMouseUpdate"=C:\Program Files\Lenovo\HOTKEY\extapsup.exe [2013-06-21 255480]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2013-10-21 280576]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2013-08-15 670960]
"LnvMobHotspotClient"=C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [2015-02-20 939976]
"LMCSSTART1"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2016-04-12 35856]
"LMCSSTART2"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2016-04-12 35856]
"LMCSSTART3"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2016-04-12 35856]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-05-17 242904]
"Network Configuration"=c:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [2012-08-27 725280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-05-24 18364648]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2015-09-02 721504]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [2012-08-17 3345408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Integrated Camera_Monitor"=C:\Program Files (x86)\Integrated Camera\monitor.exe [2013-07-26 1720184]
"Fastboot"=C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [2014-08-19 750320]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ThinkPad OneLink Dock Management.lnk - C:\Program Files (x86)\Lenovo\onelinkpromgn.exe

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft SharePoint Workspace.lnk - C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2013-11-28 624640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-06-12 22:00:34 ----D---- C:\_OTM
2018-06-11 16:52:26 ----D---- C:\Program Files\trend micro
2018-06-10 15:15:02 ----A---- C:\Users\User\AppData\Roaming\Opusbext.dat
2018-05-27 20:59:00 ----D---- C:\MagicPlusMini
2018-05-17 19:46:30 ----A---- C:\windows\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2018-06-12 22:05:13 ----D---- C:\windows\Temp
2018-06-12 22:03:37 ----D---- C:\windows\Prefetch
2018-06-12 22:02:14 ----D---- C:\ProgramData\Synaptics
2018-06-12 22:01:30 ----D---- C:\ProgramData\Realtek
2018-06-12 22:00:00 ----D---- C:\windows\system32\sru
2018-06-12 18:36:17 ----RD---- C:\windows\System32
2018-06-12 18:36:17 ----D---- C:\windows\Inf
2018-06-12 18:36:17 ----A---- C:\windows\system32\PerfStringBackup.INI
2018-06-12 18:29:30 ----D---- C:\windows\system32\Tasks
2018-06-12 18:28:39 ----D---- C:\Windows
2018-06-12 18:27:03 ----D---- C:\AdwCleaner
2018-06-11 17:23:22 ----D---- C:\windows\SoftwareDistribution
2018-06-11 16:52:26 ----RD---- C:\Program Files
2018-06-10 20:35:21 ----SHD---- C:\System Volume Information
2018-06-10 15:15:24 ----SHD---- C:\windows\Installer
2018-06-10 15:15:23 ----D---- C:\windows\SysWOW64
2018-06-10 15:12:36 ----D---- C:\windows\system32\catroot
2018-06-10 15:12:35 ----D---- C:\windows\system32\DriverStore
2018-06-10 15:07:31 ----SD---- C:\ProgramData\Microsoft
2018-06-09 01:56:51 ----D---- C:\windows\Microsoft.NET
2018-05-27 20:07:33 ----D---- C:\windows\system32\drivers
2018-05-27 10:06:23 ----RSD---- C:\windows\assembly
2018-05-27 10:06:21 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-05-27 10:06:11 ----D---- C:\ProgramData\Microsoft Help
2018-05-27 10:05:08 ----D---- C:\Program Files\Microsoft Office 15
2018-05-24 15:44:21 ----D---- C:\Users\User\AppData\Roaming\XnView
2018-05-24 15:43:26 ----D---- C:\windows\Minidump
2018-05-24 15:42:29 ----D---- C:\F
2018-05-24 15:36:42 ----D---- C:\windows\system32\config
2018-05-23 01:44:34 ----RD---- C:\Program Files (x86)
2018-05-22 22:23:27 ----D---- C:\Users\User\AppData\Roaming\Nitro PDF
2018-05-16 12:20:19 ----D---- C:\windows\system32\NDF
2018-05-13 23:25:57 ----D---- C:\windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\windows\system32\drivers\aswbidsha.sys [2018-03-05 199440]
R0 aswblog;aswblog; C:\windows\system32\drivers\aswbloga.sys [2018-03-05 343752]
R0 aswbuniv;aswbuniv; C:\windows\system32\drivers\aswbuniva.sys [2018-03-05 57680]
R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2018-05-17 85968]
R0 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2018-05-17 381552]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2013-08-29 644968]
R0 IntelHSWPcc;IntelHSWPcc; C:\windows\System32\drivers\IntelPcc.sys [2013-07-03 74344]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-11-01 32544]
R1 aswArPot;aswArPot; C:\windows\system32\drivers\aswArPot.sys [2018-05-17 196640]
R1 aswbidsdriver;aswbidsdriver; C:\windows\system32\drivers\aswbidsdrivera.sys [2018-03-05 227504]
R1 aswHdsKe;aswHdsKe; C:\windows\system32\drivers\aswHdsKe.sys [2018-05-17 234560]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2018-05-17 111360]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2018-05-17 1027720]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2018-05-17 460520]
R1 SMIDriver;SMIDriver; C:\windows\system32\drivers\smi.sys [2015-12-02 19664]
R1 TPPWRIF;TPPWRIF; C:\windows\System32\drivers\Tppwr64v.sys [2016-04-14 29008]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2018-05-17 159120]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2018-05-17 205976]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 IBMPMDRV;IBMPMDRV; C:\windows\system32\DRIVERS\ibmpmdrv.sys [2013-11-08 54528]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2013-11-28 4209152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2013-09-25 3667416]
R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2013-10-29 27032]
R3 LnvHIDHW;@oem38.inf,%LnvHIDHW%;Lenovo HID Mini-driver for Hardware Radio Switch; C:\windows\System32\drivers\LnvHIDHW.sys [2014-04-07 29496]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2016-03-10 27008]
R3 MEIx64;@oem23.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2013-11-01 11311392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RtkBtFilter;@oem18.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\windows\system32\DRIVERS\RtkBtfilter.sys [2013-11-19 555224]
R3 RTL8168;@oem16.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-06-22 816344]
R3 RTWlanE;@oem17.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\windows\system32\DRIVERS\rtwlane.sys [2013-08-21 2944216]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-15 34544]
R3 SPUVCbv;@oem14.inf,%SPUVCb.ServiceName%;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2013-09-05 1509880]
R3 SynTP;@oem32.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-08-15 527600]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys [2015-08-10 82072]
S3 aswHwid;aswHwid; C:\windows\system32\drivers\aswHwid.sys [2018-05-17 46968]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dot4;@oem35.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem36.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem35.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 Fastboot;Fastboot; C:\windows\System32\DRIVERS\fastboot.sys [2014-08-19 65928]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2013-10-29 39320]
S3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2013-11-28 449496]
S3 ldiagio_uefi;ldiagio; \??\C:\Program Files\Lenovo\Lenovo Solution Center\App\ldiag\x64\ldiagio_uefi.sys [2015-12-22 25248]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2016-09-01 192216]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2016-03-10 65408]
S3 NETwNe64;@netwew00.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew00.sys [2013-07-08 3344352]
S3 RSUSBSTOR;@oem31.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2013-07-09 263896]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2014-08-19 121088]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-05-17 317280]
R2 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2016-04-12 566288]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2013-11-07 66560]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2017-12-12 3058392]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 FastbootService;FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2014-08-19 140016]
R2 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-23 43696]
R2 IBMPMSVC;@oem2.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\windows\system32\ibmpmsvc.exe [2013-11-08 66856]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-04 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2015-09-25 2023592]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-11 136288]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 lnvDiscoveryWinSvc;lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [2014-02-22 22576]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2015-05-12 469720]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-07-26 230416]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-10-29 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-11-01 1364256]
R2 PSI_SVC_2;Corel License Validation Service V2, Powered by arvato; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2014-04-30 277360]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-01-31 124976]
R2 valWBFPolicyService;@oem22.inf,%WBFService_SvcDesc%;Validity WBF Policy Service; C:\windows\system32\valWBFPolicyService.exe [2015-12-06 88400]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-05-17 7620096]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2016-04-14 1668776]
R3 QuickControlService;Lenovo QuickControl Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [2014-02-12 322608]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-04 164984]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-01 107848]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
S2 QuickControlMasterSvc;Lenovo QuickControl Master Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [2014-02-12 59440]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-04 164984]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2013-12-09 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-01 107848]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-04-23 532224]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2016-04-12 461840]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2016-04-12 459280]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2016-04-12 631312]
S3 LnvHotSpotSvc;Lenovo Settings Mobile Hotspot Service; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [2015-03-23 480712]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2016-06-02 273232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 OKI OKHC DCS Loader;OKI OKHC DCS Loader; C:\windows\system32\spool\DRIVERS\x64\3\OKHCLDCS.EXE [2009-03-05 20480]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-04-10 160960]
S4 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-01-31 110640]

-----------------EOF-----------------

Re: Prosím o preventivku

Napsal: 13 čer 2018 09:23
od Rudy
Smazáno, log by již měl být OK.

Re: Prosím o preventivku

Napsal: 16 čer 2018 12:29
od Filis
Díky moc!

Re: Prosím o preventivku

Napsal: 16 čer 2018 12:49
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz