Log check

Having trouble with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

lavega
Visitor
Posts: 63
Registered: 28 Oct 2012 09:07

#1 Post by lavega »

Hello, could you please check the log? In the morning I turn on the notebook and everything is OK, but it gradually slows down; I found that explorer.exe is using 50% of the processor. Thank you for your help.

Logfile of random's system information tool 1.10 (written by random/random)
Run by User at 2018-08-14 12:21:02
Microsoft Windows 8.1 so službou Bing
System drive C: has 227 GB (72%) free of 315 GB
Total RAM: 3978 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:21:22, on 14.8.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\User\AppData\Local\Vivaldi\Application\update_notifier.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Intel Driver Update Utility\DSATray.exe
C:\Program Files (x86)\RegCleaner\RegCleanr.exe
C:\Program Files (x86)\p System explorer\SystemExplorer.exe
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll
O3 - Toolbar: Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [DSATray] C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\p System explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [f.lux] "C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [SmartSwitchPDLR.exe] C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe Run Kies4
O4 - HKCU\..\Run: [Vivaldi Update Notifier] "C:\Users\User\AppData\Local\Vivaldi\Application\update_notifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{2DD903A8-4D0A-4393-94D5-77468828C304}: NameServer = 8.8.4.4
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bitdefender Auxiliary Service (BDAuxSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Driver and Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Bitdefender Product Agent Service (ProductAgentService) - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\p System explorer\service\SystemExplorerService64.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: USBBKSvc - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @oem34.inf,%WBFService_SvcDesc%;Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 9469 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe" /service
"dwm.exe"
"C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings/services/configs/bdauxsrv_config.json"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f7357fc4-14ea-4646-a387-149c63cd4dc4 -SystemEventPortName:HostProcess-d35b0a8d-8715-4ca7-af2c-6e1e42f3c14d -IoCancelEventPortName:HostProcess-071389a1-2ea1-404d-9e65-56dc7b929140 -NonStateChangingEventPortName:HostProcess-27a5444e-fc18-4325-a030-3c382b2f7a6b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d47c187c-2062-4812-97bb-7ea4590668bb -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-182ffb00-06d9-476d-a7fb-e8e17bf267ef -SystemEventPortName:HostProcess-d8b9dcfd-57e8-480a-b35f-4db9f407c236 -IoCancelEventPortName:HostProcess-6b130821-42e9-4818-aad5-d35efb44cbc5 -NonStateChangingEventPortName:HostProcess-2faea8f2-0c18-4ad7-b871-e3383cd1c9f0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d5bcc21d-fe5a-4ca6-9b07-aa21fe3a59b9 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {885c5ba1-58db-4cf7-92df023d3e3ab598}
"C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe"
"C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe" /service
"C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe"
C:\WINDOWS\system32\valWBFPolicyService.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
taskeng.exe {BFA1C06D-379B-41BC-A1A7-05D0443CE737}
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
igfxEM.exe
"C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe"
igfxHK.exe
"C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
igfxTray.exe
"C:\Users\User\AppData\Local\Vivaldi\Application\update_notifier.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe --type=crashpad-handler "--user-data-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\User\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=68.0.3440.106 --initial-client-data=0x11c,0x120,0x124,0x118,0x128,0x7ff820b424d0,0x7ff820b424e0,0x7ff820b424f0
"C:\Program Files (x86)\Intel Driver Update Utility\DSATray.exe"
"C:\Program Files (x86)\RegCleaner\RegCleanr.exe"
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5360 --on-initialized-event-handle=444 --parent-handle=448 /prefetch:6
"C:\Program Files (x86)\p System explorer\SystemExplorer.exe" /TRAY
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\p System explorer\service\SystemExplorerService64.exe"
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=6DEC5905C78DDD6B744FF37A0DF71AFE --mojo-platform-channel-handle=1184 --ignored=" --type=renderer " /prefetch:2
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=1F6A724D40BA7D5FB9C3BCCDB488EB36 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=1F6A724D40BA7D5FB9C3BCCDB488EB36 --renderer-client-id=9 --mojo-platform-channel-handle=2108 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=F73A006361AEB16C77AD18CA731CBCFC --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=F73A006361AEB16C77AD18CA731CBCFC --renderer-client-id=11 --mojo-platform-channel-handle=2352 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=EB0AEA56508F17A3316C34FDD1BC01D3 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=EB0AEA56508F17A3316C34FDD1BC01D3 --renderer-client-id=3 --mojo-platform-channel-handle=2584 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=CD00B0CC5921894A2B90AAF6088B42D2 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=CD00B0CC5921894A2B90AAF6088B42D2 --renderer-client-id=4 --mojo-platform-channel-handle=2672 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=EC2834CF5636445575A03156877F02AF --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=EC2834CF5636445575A03156877F02AF --renderer-client-id=5 --mojo-platform-channel-handle=2684 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=EB9C7AA732DA41DAEAF821F1820831B8 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=EB9C7AA732DA41DAEAF821F1820831B8 --renderer-client-id=6 --mojo-platform-channel-handle=2692 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=DB3B95FA849A6ABFB932A037A98A5DEA --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=DB3B95FA849A6ABFB932A037A98A5DEA --renderer-client-id=7 --mojo-platform-channel-handle=2700 /prefetch:1
C:\WINDOWS\system32\cmd.exe /d /c "C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.1f33755974640c2a > \\.\pipe\chrome.nativeMessaging.out.1f33755974640c2a
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=8D1F0F84DA48A509E3568F051BD9BD2E --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=8D1F0F84DA48A509E3568F051BD9BD2E --renderer-client-id=14 --mojo-platform-channel-handle=6656 /prefetch:1
"C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe"
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
"C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe" 1 1 1 1


C:\WINDOWS\servicing\TrustedInstaller.exe
"C:\Program Files\Bitdefender\Bitdefender Security\downloader.exe" /download /trace /stopevent 1600
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=AF2D3DA3E606DED0DE25ECACA16A5985 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=AF2D3DA3E606DED0DE25ECACA16A5985 --renderer-client-id=18 --mojo-platform-channel-handle=5964 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=7E3B4200200C63A1CCF10460232F0261 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=7E3B4200200C63A1CCF10460232F0261 --renderer-client-id=19 --mojo-platform-channel-handle=6436 /prefetch:1
"C:\Program Files\Bitdefender\Bitdefender Security\Vulnerability.Scan.exe" --windows-updater --start
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=CB23ED7ACD92201CF71B9A25D774EB79 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=CB23ED7ACD92201CF71B9A25D774EB79 --renderer-client-id=21 --mojo-platform-channel-handle=3552 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 392 568 580 65536 576
"C:\Users\User\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 25fe945b-2b4d-49a0-bbeb-2c1f4ef1c42c.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:25fe945b-2b4d-49a0-bbeb-2c1f4ef1c42c
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 9324e2b8-408d-4467-a598-c16354d8b4f8.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:9324e2b8-408d-4467-a598-c16354d8b4f8

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-07-09 647696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-07-09 602040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-18 480200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-18 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-07-09 647696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-07-09 602040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2018-05-03 18384360]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-05-03 1489920]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-05-03 1489920]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-05-03 1489920]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2018-04-11 5158144]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-12-31 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-12-31 10973168]
"Bdagent"=C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2018-07-17 485160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe [2018-07-03 1806344]
"SmartSwitchPDLR.exe"=C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [2018-05-02 1184928]
"Vivaldi Update Notifier"=C:\Users\User\AppData\Local\Vivaldi\Application\update_notifier.exe [2018-08-06 1495624]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2018-07-03 8898480]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DSATray"=C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe [2017-08-10 137976]
"SystemExplorerAutoStart"=C:\Program Files (x86)\p System explorer\SystemExplorer.exe [2015-05-21 3391720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2018-08-14 12:21:03 ----D---- C:\Program Files\trend micro
2018-08-14 12:21:02 ----D---- C:\rsit
2018-08-14 12:02:25 ----D---- C:\Program Files (x86)\RegCleaner
2018-08-13 10:32:02 ----D---- C:\Program Files (x86)\EAC MW klient
2018-08-10 11:23:21 ----D---- C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com
2018-08-10 11:20:24 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2018-08-10 11:20:24 ----D---- C:\Program Files\SUPERAntiSpyware
2018-08-10 11:20:15 ----D---- C:\WINDOWS\LastGood.Tmp
2018-08-10 10:58:49 ----D---- C:\ProgramData\Bitdefender Device Management
2018-08-10 10:57:19 ----A---- C:\bdlog.txt
2018-08-10 10:56:09 ----D---- C:\ProgramData\Atc
2018-08-10 10:49:32 ----D---- C:\ProgramData\BDLogging
2018-08-10 10:48:55 ----A---- C:\WINDOWS\system32\drivers\bdelam.sys
2018-08-10 10:48:52 ----A---- C:\WINDOWS\capicom.dll
2018-08-10 10:48:07 ----A---- C:\WINDOWS\system32\drivers\bdvedisk.sys
2018-08-10 10:48:05 ----A---- C:\WINDOWS\system32\drivers\bdprivmon.sys
2018-08-10 10:48:04 ----A---- C:\WINDOWS\system32\drivers\bddci.sys
2018-08-10 10:48:03 ----A---- C:\WINDOWS\system32\drivers\avc3.sys
2018-08-10 10:48:03 ----A---- C:\WINDOWS\system32\drivers\atc.sys
2018-08-10 10:47:46 ----A---- C:\WINDOWS\system32\drivers\ignis.sys
2018-08-10 10:46:47 ----D---- C:\Users\User\AppData\Roaming\Bitdefender
2018-08-10 10:40:36 ----D---- C:\Users\User\AppData\Roaming\QuickScan
2018-08-10 10:39:46 ----D---- C:\ProgramData\Bitdefender
2018-08-10 10:39:44 ----A---- C:\WINDOWS\system32\drivers\gzflt.sys
2018-08-10 10:39:38 ----D---- C:\Program Files\Bitdefender
2018-08-10 10:39:38 ----A---- C:\WINDOWS\system32\drivers\trufos.sys
2018-08-10 10:38:08 ----D---- C:\Program Files\Common Files\Bitdefender
2018-08-10 10:32:20 ----D---- C:\ProgramData\Bitdefender Agent
2018-08-10 10:32:20 ----D---- C:\Program Files\Bitdefender Agent
2018-08-07 11:30:57 ----D---- C:\Program Files (x86)\WinHTTrack
2018-08-06 08:50:23 ----D---- C:\Users\User\AppData\Roaming\system32
2018-08-03 08:49:42 ----D---- C:\Program Files\Google
2018-07-30 10:16:53 ----D---- C:\ProgramData\iolo
2018-07-28 19:26:14 ----D---- C:\ProgramData\Tencent
2018-07-28 19:22:41 ----D---- C:\Users\User\AppData\Roaming\Tencent
2018-07-28 17:51:16 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2018-07-28 17:51:16 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2018-07-28 17:28:59 ----SHD---- C:\Users\User\AppData\Roaming\wyUpdate AU
2018-07-28 17:22:47 ----D---- C:\ProgramData\Delphi
2018-07-28 17:22:42 ----D---- C:\ProgramData\Common Diagnostics
2018-07-28 17:22:24 ----D---- C:\Users\User\AppData\Roaming\Delphi
2018-07-28 17:03:37 ----A---- C:\WINDOWS\SYSWOW64\ftd2xx.dll
2018-07-28 17:03:37 ----A---- C:\WINDOWS\system32\ftserui2.dll
2018-07-28 17:03:37 ----A---- C:\WINDOWS\system32\FTLang.dll
2018-07-28 17:03:37 ----A---- C:\WINDOWS\system32\ftd2xx.dll
2018-07-28 17:03:37 ----A---- C:\WINDOWS\system32\ftcserco.dll
2018-07-28 17:03:37 ----A---- C:\WINDOWS\system32\ftbusui.dll
2018-07-28 17:03:37 ----A---- C:\WINDOWS\system32\drivers\ftser2k.sys
2018-07-28 17:03:37 ----A---- C:\WINDOWS\system32\drivers\ftdibus.sys
2018-07-26 16:57:41 ----D---- C:\Users\User\AppData\Roaming\inkscape
2018-07-26 16:54:41 ----D---- C:\Program Files\Inkscape
2018-07-20 10:04:23 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-07-20 10:04:22 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-07-20 10:04:15 ----A---- C:\WINDOWS\system32\shell32.dll
2018-07-20 10:04:11 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-07-20 10:04:10 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-07-20 10:04:08 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-07-20 10:04:06 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-07-20 10:04:06 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-07-20 10:04:05 ----A---- C:\WINDOWS\system32\win32k.sys
2018-07-20 10:04:05 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-07-20 10:04:02 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2018-07-20 10:04:01 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-20 10:04:01 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-07-20 10:04:01 ----A---- C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-20 10:03:59 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2018-07-20 10:03:59 ----A---- C:\WINDOWS\system32\combase.dll
2018-07-20 10:03:58 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-07-20 10:03:58 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2018-07-20 10:03:58 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2018-07-20 10:03:58 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-07-20 10:03:58 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2018-07-20 10:03:57 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-07-20 10:03:57 ----A---- C:\WINDOWS\system32\winload.exe
2018-07-20 10:03:57 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-07-20 10:03:57 ----A---- C:\WINDOWS\system32\dnsapi.dll
2018-07-20 10:03:56 ----AC---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2018-07-20 10:03:56 ----AC---- C:\WINDOWS\system32\drivers\usbport.sys
2018-07-20 10:03:56 ----AC---- C:\WINDOWS\system32\drivers\UCX01000.SYS
2018-07-20 10:03:56 ----AC---- C:\WINDOWS\system32\drivers\intelppm.sys
2018-07-20 10:03:56 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2018-07-20 10:03:56 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-07-20 10:03:55 ----AC---- C:\WINDOWS\system32\drivers\amdppm.sys
2018-07-20 10:03:55 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2018-07-20 10:03:55 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2018-07-20 10:03:55 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-20 10:03:53 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2018-07-20 10:03:52 ----AC---- C:\WINDOWS\system32\drivers\processr.sys
2018-07-20 10:03:52 ----AC---- C:\WINDOWS\system32\drivers\amdk8.sys
2018-07-20 10:03:52 ----A---- C:\WINDOWS\system32\drivers\mpsdrv.sys
2018-07-20 10:03:45 ----A---- C:\WINDOWS\system32\wininet.dll
2018-07-20 10:03:44 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-07-20 10:03:42 ----AC---- C:\WINDOWS\system32\drivers\fxppm.sys
2018-07-20 10:03:42 ----A---- C:\WINDOWS\system32\zipfldr.dll
2018-07-20 10:03:41 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-07-20 10:03:41 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-07-20 10:03:40 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-07-20 10:03:38 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-07-20 10:03:38 ----A---- C:\WINDOWS\system32\jscript.dll
2018-07-20 10:03:37 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-07-20 10:03:37 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-07-20 10:03:36 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-07-20 10:03:36 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-07-20 09:47:54 ----D---- C:\Users\User\AppData\Roaming\Skype
2018-07-15 13:57:15 ----D---- C:\Users\User\AppData\Roaming\ioloGovernor
2018-07-15 13:50:19 ----D---- C:\Program Files\Common Files\iolo
2018-07-15 13:48:27 ----A---- C:\WINDOWS\system32\invagent.dll
2018-07-15 13:48:27 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-07-15 13:48:27 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-07-15 13:48:27 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-07-15 13:48:27 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-07-15 13:48:26 ----A---- C:\WINDOWS\system32\devinv.dll
2018-07-15 13:48:26 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-07-15 13:48:26 ----A---- C:\WINDOWS\system32\centel.dll
2018-07-15 13:48:26 ----A---- C:\WINDOWS\system32\aepic.dll
2018-07-15 13:48:26 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-07-15 13:46:06 ----A---- C:\WINDOWS\SYSWOW64\mfc45.dat
2018-07-15 13:45:42 ----D---- C:\Users\User\AppData\Roaming\iolo

======List of files/folders modified in the last 1 month======

2018-08-14 12:21:03 ----RD---- C:\Program Files
2018-08-14 12:18:57 ----D---- C:\WINDOWS\system32\drivers\etc
2018-08-14 12:16:45 ----D---- C:\WINDOWS\Temp
2018-08-14 12:15:06 ----D---- C:\WINDOWS\Prefetch
2018-08-14 12:12:56 ----D---- C:\ProgramData\Synaptics
2018-08-14 12:02:25 ----RD---- C:\Program Files (x86)
2018-08-14 12:00:01 ----D---- C:\WINDOWS\system32\sru
2018-08-14 09:20:22 ----D---- C:\WINDOWS\System32
2018-08-14 09:20:22 ----D---- C:\WINDOWS\Inf
2018-08-14 09:20:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-14 05:50:28 ----D---- C:\WINDOWS\Microsoft.NET
2018-08-13 16:08:19 ----SHD---- C:\System Volume Information
2018-08-13 11:25:03 ----D---- C:\WINDOWS\system32\NDF
2018-08-13 10:53:12 ----D---- C:\Program Files (x86)\Intel Driver Update Utility
2018-08-13 10:33:38 ----SHD---- C:\WINDOWS\Installer
2018-08-13 10:32:06 ----SHD---- C:\Config.Msi
2018-08-13 10:25:37 ----AD---- C:\Windows
2018-08-10 11:23:41 ----D---- C:\WINDOWS\Tasks
2018-08-10 11:23:41 ----D---- C:\WINDOWS\system32\Tasks
2018-08-10 11:23:21 ----HD---- C:\ProgramData
2018-08-10 11:20:15 ----D---- C:\WINDOWS\system32\drivers
2018-08-10 11:19:19 ----D---- C:\WINDOWS\system32\DriverStore
2018-08-10 10:38:08 ----D---- C:\Program Files\Common Files
2018-08-06 16:01:28 ----D---- C:\WINDOWS\Minidump
2018-08-06 16:01:23 ----D---- C:\WINDOWS\debug
2018-08-06 09:55:36 ----D---- C:\WINDOWS\system32\config
2018-08-02 11:56:58 ----D---- C:\Users\User\AppData\Roaming\vlc
2018-07-30 12:27:19 ----D---- C:\WINDOWS\WinSxS
2018-07-30 12:26:01 ----D---- C:\WINDOWS\system32\catroot2
2018-07-30 12:18:38 ----D---- C:\WINDOWS\rescache
2018-07-30 10:16:18 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2018-07-28 17:52:19 ----D---- C:\WINDOWS\CbsTemp
2018-07-28 17:51:59 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-07-28 17:51:59 ----D---- C:\WINDOWS\SysWOW64
2018-07-28 17:51:59 ----D---- C:\WINDOWS\system32\en-US
2018-07-28 17:30:14 ----D---- C:\WINDOWS\system32\catroot
2018-07-26 09:50:10 ----D---- C:\Users\User\AppData\Roaming\Mozilla
2018-07-25 12:40:07 ----RSD---- C:\WINDOWS\assembly
2018-07-23 10:14:46 ----RD---- C:\WINDOWS\ToastData
2018-07-23 10:14:43 ----D---- C:\WINDOWS\system32\Boot
2018-07-23 10:14:42 ----RSD---- C:\WINDOWS\Fonts
2018-07-23 10:14:42 ----D---- C:\WINDOWS\apppatch
2018-07-23 10:14:34 ----D---- C:\WINDOWS\system32\appraiser
2018-07-23 08:58:06 ----D---- C:\WINDOWS\system32\MRT
2018-07-23 08:45:36 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-07-20 15:18:16 ----D---- C:\WINDOWS\ELAMBKUP
2018-07-20 09:47:58 ----SD---- C:\Users\User\AppData\Roaming\Microsoft
2018-07-17 00:02:20 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2018-07-16 09:08:24 ----D---- C:\WINDOWS\system32\Macromed
2018-07-16 09:08:21 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-07-15 13:43:03 ----RSD---- C:\WINDOWS\Media
2018-07-15 13:32:46 ----D---- C:\Program Files (x86)\Mozilla Thunderbird

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2018-04-17 1723552]
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2018-05-29 193184]
R0 LubSec;LubSec; C:\WINDOWS\System32\Drivers\LubSec.sys [2014-02-22 45304]
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys [2018-06-28 609576]
R1 atc;atc; C:\WINDOWS\system32\DRIVERS\atc.sys [2018-04-27 1283464]
R1 ElRawDisk;ElRawDisk; \??\C:\WINDOWS\system32\drivers\ElRawDsk.sys [2013-12-03 30752]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2018-04-11 27552]
R1 RawDisk3;RawDisk3; \??\C:\WINDOWS\system32\drivers\rawdsk3.sys [2016-02-19 41576]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 SMIDriver;SMIDriver; C:\WINDOWS\system32\drivers\smi.sys [2014-01-22 19760]
R2 BdDci;BdDci Service; C:\WINDOWS\system32\DRIVERS\bddci.sys [2018-07-06 153160]
R3 ACPIVPC;@oem38.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-12-31 35576]
R3 AthBTPort;@oem33.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-12-24 89800]
R3 athr;@oem53.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2018-04-11 4307192]
R3 BTATH_A2DP;@oem32.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-12-24 338120]
R3 btath_avdt;@oem32.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-12-24 116424]
R3 BTATH_BUS;@oem30.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-12-24 34384]
R3 BTATH_HCRP;@oem35.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-12-24 179432]
R3 BTATH_LWFLT;@oem37.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-12-24 77464]
R3 BTATH_RCP;@oem39.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-12-24 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2018-04-11 65808]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-09-09 3797416]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2018-05-03 5842912]
R3 IntcDAud;@oem60.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2018-04-11 480800]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-03-18 167424]
R3 RSP2STOR;@oem62.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2018-04-11 329664]
R3 RTL8168;@oem61.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2018-04-11 992704]
R3 rtsuvc;@oem58.inf,%rtsuvc.DeviceDesc%;EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2018-04-11 3127552]
R3 SynTP;@oem13.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-01-24 532720]
R3 TXEIx64;@oem54.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\WINDOWS\System32\drivers\TXEIx64.sys [2018-04-11 88592]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2018-04-19 23032]
S1 mzgqzlkd;mzgqzlkd; \??\C:\WINDOWS\system32\drivers\mzgqzlkd.sys []
S2 LubFsFlt;LubFsFlt; \??\C:\windows\System32\Drivers\LubFsFlt.sys [2014-02-22 27384]
S3 bdprivmon;bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys [2018-04-20 45104]
S3 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [2018-04-27 96448]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dg_ssudbus;@oem48.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 FTDIBUS;@oem5.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2016-02-01 110912]
S3 FTSER2K;@oem66.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2016-02-01 95168]
S3 GemCCID;GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [2016-10-17 137712]
S3 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2018-05-04 191592]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2016-10-18 21984]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-01-24 34544]
S3 ssudmdm;@oem49.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 tap0901;@oem52.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2016-04-21 27136]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2014-03-18 121088]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2017-01-31 173472]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-12-24 318592]
R2 BDAuxSrv;Bitdefender Auxiliary Service; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [2018-07-11 500696]
R2 bdredline;Bitdefender RedLine Service; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2018-03-22 2195320]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 DSAService;Intel(R) Driver and Support Assistant; C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe [2017-08-10 22264]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-09-09 330144]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-12-31 198192]
R2 ProductAgentService;Bitdefender Product Agent Service; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2018-07-31 1284032]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2017-01-16 752224]
R2 SystemUsageReportSvc_QUEENCREEK;Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [2017-03-07 157456]
R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [2018-07-09 112144]
R2 USBBKSvc;USBBKSvc; C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe [2013-12-25 35824]
R2 valWBFPolicyService;@oem34.inf,%WBFService_SvcDesc%;Validity WBF Policy Service; C:\WINDOWS\system32\valWBFPolicyService.exe [2018-04-11 88400]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\p System explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-09-09 291736]
S3 ESRV_SVC_QUEENCREEK;Energy Server Service queencreek; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [2017-03-07 824592]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-25 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 USER_ESRV_SVC_QUEENCREEK;User Energy Server Service queencreek; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [2017-03-07 824592]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-14 153752]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-14 153752]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15198
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Log check

#2 Post by JaRon »

Hi,
- uninstall SUPERAntiSpyware
- post both FRST logs
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

lavega
Visitor
Posts: 63
Joined: 28 Oct 2012 09:07

Re: Log check

#3 Post by lavega »

Logfile of random's system information tool 1.10 (written by random/random)
Run by User at 2018-08-14 14:42:14
Microsoft Windows 8.1 so službou Bing
System drive C: has 228 GB (73%) free of 315 GB
Total RAM: 3978 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:42:19, on 14.8.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\User\AppData\Local\Vivaldi\Application\update_notifier.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Intel Driver Update Utility\DSATray.exe
C:\Program Files (x86)\p System explorer\SystemExplorer.exe
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll
O3 - Toolbar: Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [DSATray] C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\p System explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [f.lux] "C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [SmartSwitchPDLR.exe] C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe Run Kies4
O4 - HKCU\..\Run: [Vivaldi Update Notifier] "C:\Users\User\AppData\Local\Vivaldi\Application\update_notifier.exe"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{2DD903A8-4D0A-4393-94D5-77468828C304}: NameServer = 8.8.4.4
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bitdefender Auxiliary Service (BDAuxSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Driver and Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Bitdefender Product Agent Service (ProductAgentService) - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\p System explorer\service\SystemExplorerService64.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: USBBKSvc - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @oem34.inf,%WBFService_SvcDesc%;Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 9210 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe" /service
"dwm.exe"
"C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings/services/configs/bdauxsrv_config.json"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f7357fc4-14ea-4646-a387-149c63cd4dc4 -SystemEventPortName:HostProcess-d35b0a8d-8715-4ca7-af2c-6e1e42f3c14d -IoCancelEventPortName:HostProcess-071389a1-2ea1-404d-9e65-56dc7b929140 -NonStateChangingEventPortName:HostProcess-27a5444e-fc18-4325-a030-3c382b2f7a6b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d47c187c-2062-4812-97bb-7ea4590668bb -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-182ffb00-06d9-476d-a7fb-e8e17bf267ef -SystemEventPortName:HostProcess-d8b9dcfd-57e8-480a-b35f-4db9f407c236 -IoCancelEventPortName:HostProcess-6b130821-42e9-4818-aad5-d35efb44cbc5 -NonStateChangingEventPortName:HostProcess-2faea8f2-0c18-4ad7-b871-e3383cd1c9f0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d5bcc21d-fe5a-4ca6-9b07-aa21fe3a59b9 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {885c5ba1-58db-4cf7-92df023d3e3ab598}
"C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe"
"C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe" /service
"C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe"
C:\WINDOWS\system32\valWBFPolicyService.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
igfxEM.exe
"C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe"
igfxHK.exe
"C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
igfxTray.exe
"C:\Users\User\AppData\Local\Vivaldi\Application\update_notifier.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe --type=crashpad-handler "--user-data-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\User\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=68.0.3440.106 --initial-client-data=0x11c,0x120,0x124,0x118,0x128,0x7ff820b424d0,0x7ff820b424e0,0x7ff820b424f0
"C:\Program Files (x86)\Intel Driver Update Utility\DSATray.exe"
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5360 --on-initialized-event-handle=444 --parent-handle=448 /prefetch:6
"C:\Program Files (x86)\p System explorer\SystemExplorer.exe" /TRAY
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\p System explorer\service\SystemExplorerService64.exe"
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=6DEC5905C78DDD6B744FF37A0DF71AFE --mojo-platform-channel-handle=1184 --ignored=" --type=renderer " /prefetch:2
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=EB0AEA56508F17A3316C34FDD1BC01D3 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=EB0AEA56508F17A3316C34FDD1BC01D3 --renderer-client-id=3 --mojo-platform-channel-handle=2584 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=CD00B0CC5921894A2B90AAF6088B42D2 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=CD00B0CC5921894A2B90AAF6088B42D2 --renderer-client-id=4 --mojo-platform-channel-handle=2672 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=EC2834CF5636445575A03156877F02AF --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=EC2834CF5636445575A03156877F02AF --renderer-client-id=5 --mojo-platform-channel-handle=2684 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=EB9C7AA732DA41DAEAF821F1820831B8 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=EB9C7AA732DA41DAEAF821F1820831B8 --renderer-client-id=6 --mojo-platform-channel-handle=2692 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=DB3B95FA849A6ABFB932A037A98A5DEA --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=DB3B95FA849A6ABFB932A037A98A5DEA --renderer-client-id=7 --mojo-platform-channel-handle=2700 /prefetch:1
C:\WINDOWS\system32\cmd.exe /d /c "C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.1f33755974640c2a > \\.\pipe\chrome.nativeMessaging.out.1f33755974640c2a
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=8D1F0F84DA48A509E3568F051BD9BD2E --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=8D1F0F84DA48A509E3568F051BD9BD2E --renderer-client-id=14 --mojo-platform-channel-handle=6656 /prefetch:1
"C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe"
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
"C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe" 1 1 1 1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=03233A7A07D92F9570FE0FD3A8304793 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=03233A7A07D92F9570FE0FD3A8304793 --renderer-client-id=25 --mojo-platform-channel-handle=6728 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=FA406A76F158C63364B2994404C676B9 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=FA406A76F158C63364B2994404C676B9 --renderer-client-id=45 --mojo-platform-channel-handle=6684 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=1ED6433AC44AFDFEB4612D221EA3C492 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=1ED6433AC44AFDFEB4612D221EA3C492 --renderer-client-id=76 --mojo-platform-channel-handle=9020 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=39F6BAF9CF45EB6D61DF3B41B320918B --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=39F6BAF9CF45EB6D61DF3B41B320918B --renderer-client-id=89 --mojo-platform-channel-handle=9120 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=CB75F552EEB60C7166A515FEDDE91ECA --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=CB75F552EEB60C7166A515FEDDE91ECA --renderer-client-id=134 --mojo-platform-channel-handle=9756 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=D1E937CAD6A415B2F90CC4CD7671F600 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=D1E937CAD6A415B2F90CC4CD7671F600 --renderer-client-id=136 --mojo-platform-channel-handle=8912 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=F7F5030BCB72D00B02978686B6723D16 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=F7F5030BCB72D00B02978686B6723D16 --renderer-client-id=137 --mojo-platform-channel-handle=4388 /prefetch:1
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=7F4D593688C080AC56E81C07D2EB4D09 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=7F4D593688C080AC56E81C07D2EB4D09 --renderer-client-id=142 --mojo-platform-channel-handle=9508 /prefetch:1

"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,5687836610817569847,16219161549030390111,131072 --service-pipe-token=A73E7CE574ABB34ACD296C0ED4D66510 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=A73E7CE574ABB34ACD296C0ED4D66510 --renderer-client-id=146 --mojo-platform-channel-handle=8664 /prefetch:1
C:\WINDOWS\system32\msiexec.exe /V
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 392 568 580 65536 576
"C:\Users\User\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-07-09 647696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-07-09 602040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-18 480200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-18 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-07-09 647696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-07-09 602040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2018-05-03 18384360]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-05-03 1489920]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-05-03 1489920]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-05-03 1489920]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2018-04-11 5158144]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-12-31 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-12-31 10973168]
"Bdagent"=C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2018-07-17 485160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe [2018-07-03 1806344]
"SmartSwitchPDLR.exe"=C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [2018-05-02 1184928]
"Vivaldi Update Notifier"=C:\Users\User\AppData\Local\Vivaldi\Application\update_notifier.exe [2018-08-06 1495624]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DSATray"=C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe [2017-08-10 137976]
"SystemExplorerAutoStart"=C:\Program Files (x86)\p System explorer\SystemExplorer.exe [2015-05-21 3391720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2018-08-14 12:21:03 ----D---- C:\Program Files\trend micro
2018-08-14 12:21:02 ----D---- C:\rsit
2018-08-14 12:02:25 ----D---- C:\Program Files (x86)\RegCleaner
2018-08-13 10:32:02 ----D---- C:\Program Files (x86)\EAC MW klient
2018-08-10 11:20:15 ----D---- C:\WINDOWS\LastGood.Tmp
2018-08-10 10:58:49 ----D---- C:\ProgramData\Bitdefender Device Management
2018-08-10 10:57:19 ----A---- C:\bdlog.txt
2018-08-10 10:56:09 ----D---- C:\ProgramData\Atc
2018-08-10 10:49:32 ----D---- C:\ProgramData\BDLogging
2018-08-10 10:48:55 ----A---- C:\WINDOWS\system32\drivers\bdelam.sys
2018-08-10 10:48:52 ----A---- C:\WINDOWS\capicom.dll
2018-08-10 10:48:07 ----A---- C:\WINDOWS\system32\drivers\bdvedisk.sys
2018-08-10 10:48:05 ----A---- C:\WINDOWS\system32\drivers\bdprivmon.sys
2018-08-10 10:48:04 ----A---- C:\WINDOWS\system32\drivers\bddci.sys
2018-08-10 10:48:03 ----A---- C:\WINDOWS\system32\drivers\avc3.sys
2018-08-10 10:48:03 ----A---- C:\WINDOWS\system32\drivers\atc.sys
2018-08-10 10:47:46 ----A---- C:\WINDOWS\system32\drivers\ignis.sys
2018-08-10 10:46:47 ----D---- C:\Users\User\AppData\Roaming\Bitdefender
2018-08-10 10:40:36 ----D---- C:\Users\User\AppData\Roaming\QuickScan
2018-08-10 10:39:46 ----D---- C:\ProgramData\Bitdefender
2018-08-10 10:39:44 ----A---- C:\WINDOWS\system32\drivers\gzflt.sys
2018-08-10 10:39:38 ----D---- C:\Program Files\Bitdefender
2018-08-10 10:39:38 ----A---- C:\WINDOWS\system32\drivers\trufos.sys
2018-08-10 10:38:08 ----D---- C:\Program Files\Common Files\Bitdefender
2018-08-10 10:32:20 ----D---- C:\ProgramData\Bitdefender Agent
2018-08-10 10:32:20 ----D---- C:\Program Files\Bitdefender Agent
2018-08-07 11:30:57 ----D---- C:\Program Files (x86)\WinHTTrack
2018-08-06 08:50:23 ----D---- C:\Users\User\AppData\Roaming\system32
2018-08-03 08:49:42 ----D---- C:\Program Files\Google
2018-07-30 10:16:53 ----D---- C:\ProgramData\iolo
2018-07-28 19:26:14 ----D---- C:\ProgramData\Tencent
2018-07-28 19:22:41 ----D---- C:\Users\User\AppData\Roaming\Tencent
2018-07-28 17:51:16 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2018-07-28 17:51:16 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2018-07-28 17:28:59 ----SHD---- C:\Users\User\AppData\Roaming\wyUpdate AU
2018-07-28 17:22:47 ----D---- C:\ProgramData\Delphi
2018-07-28 17:22:42 ----D---- C:\ProgramData\Common Diagnostics
2018-07-28 17:22:24 ----D---- C:\Users\User\AppData\Roaming\Delphi
2018-07-28 17:03:37 ----A---- C:\WINDOWS\SYSWOW64\ftd2xx.dll
2018-07-28 17:03:37 ----A---- C:\WINDOWS\system32\ftserui2.dll
2018-07-28 17:03:37 ----A---- C:\WINDOWS\system32\FTLang.dll
2018-07-28 17:03:37 ----A---- C:\WINDOWS\system32\ftd2xx.dll
2018-07-28 17:03:37 ----A---- C:\WINDOWS\system32\ftcserco.dll
2018-07-28 17:03:37 ----A---- C:\WINDOWS\system32\ftbusui.dll
2018-07-28 17:03:37 ----A---- C:\WINDOWS\system32\drivers\ftser2k.sys
2018-07-28 17:03:37 ----A---- C:\WINDOWS\system32\drivers\ftdibus.sys
2018-07-26 16:57:41 ----D---- C:\Users\User\AppData\Roaming\inkscape
2018-07-26 16:54:41 ----D---- C:\Program Files\Inkscape
2018-07-20 10:04:23 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-07-20 10:04:22 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-07-20 10:04:15 ----A---- C:\WINDOWS\system32\shell32.dll
2018-07-20 10:04:11 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-07-20 10:04:10 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-07-20 10:04:08 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-07-20 10:04:06 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-07-20 10:04:06 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-07-20 10:04:05 ----A---- C:\WINDOWS\system32\win32k.sys
2018-07-20 10:04:05 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-07-20 10:04:02 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2018-07-20 10:04:01 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-20 10:04:01 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-07-20 10:04:01 ----A---- C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-20 10:03:59 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2018-07-20 10:03:59 ----A---- C:\WINDOWS\system32\combase.dll
2018-07-20 10:03:58 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-07-20 10:03:58 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2018-07-20 10:03:58 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2018-07-20 10:03:58 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-07-20 10:03:58 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2018-07-20 10:03:57 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-07-20 10:03:57 ----A---- C:\WINDOWS\system32\winload.exe
2018-07-20 10:03:57 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-07-20 10:03:57 ----A---- C:\WINDOWS\system32\dnsapi.dll
2018-07-20 10:03:56 ----AC---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2018-07-20 10:03:56 ----AC---- C:\WINDOWS\system32\drivers\usbport.sys
2018-07-20 10:03:56 ----AC---- C:\WINDOWS\system32\drivers\UCX01000.SYS
2018-07-20 10:03:56 ----AC---- C:\WINDOWS\system32\drivers\intelppm.sys
2018-07-20 10:03:56 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2018-07-20 10:03:56 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-07-20 10:03:55 ----AC---- C:\WINDOWS\system32\drivers\amdppm.sys
2018-07-20 10:03:55 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2018-07-20 10:03:55 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2018-07-20 10:03:55 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-20 10:03:55 ----A---- C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-20 10:03:54 ----A---- C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-20 10:03:53 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2018-07-20 10:03:52 ----AC---- C:\WINDOWS\system32\drivers\processr.sys
2018-07-20 10:03:52 ----AC---- C:\WINDOWS\system32\drivers\amdk8.sys
2018-07-20 10:03:52 ----A---- C:\WINDOWS\system32\drivers\mpsdrv.sys
2018-07-20 10:03:45 ----A---- C:\WINDOWS\system32\wininet.dll
2018-07-20 10:03:44 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-07-20 10:03:42 ----AC---- C:\WINDOWS\system32\drivers\fxppm.sys
2018-07-20 10:03:42 ----A---- C:\WINDOWS\system32\zipfldr.dll
2018-07-20 10:03:41 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-07-20 10:03:41 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-07-20 10:03:40 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-07-20 10:03:38 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-07-20 10:03:38 ----A---- C:\WINDOWS\system32\jscript.dll
2018-07-20 10:03:37 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-07-20 10:03:37 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-07-20 10:03:36 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-07-20 10:03:36 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-07-20 09:47:54 ----D---- C:\Users\User\AppData\Roaming\Skype
2018-07-15 13:57:15 ----D---- C:\Users\User\AppData\Roaming\ioloGovernor
2018-07-15 13:50:19 ----D---- C:\Program Files\Common Files\iolo
2018-07-15 13:48:27 ----A---- C:\WINDOWS\system32\invagent.dll
2018-07-15 13:48:27 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-07-15 13:48:27 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-07-15 13:48:27 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-07-15 13:48:27 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-07-15 13:48:26 ----A---- C:\WINDOWS\system32\devinv.dll
2018-07-15 13:48:26 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-07-15 13:48:26 ----A---- C:\WINDOWS\system32\centel.dll
2018-07-15 13:48:26 ----A---- C:\WINDOWS\system32\aepic.dll
2018-07-15 13:48:26 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-07-15 13:46:06 ----A---- C:\WINDOWS\SYSWOW64\mfc45.dat
2018-07-15 13:45:42 ----D---- C:\Users\User\AppData\Roaming\iolo

======List of files/folders modified in the last 1 month======

2018-08-14 14:41:24 ----SHD---- C:\WINDOWS\Installer
2018-08-14 14:41:04 ----SHD---- C:\Config.Msi
2018-08-14 14:41:04 ----RD---- C:\Program Files (x86)
2018-08-14 14:41:04 ----D---- C:\WINDOWS\Temp
2018-08-14 14:40:47 ----HD---- C:\ProgramData
2018-08-14 14:40:25 ----RD---- C:\Program Files
2018-08-14 14:40:18 ----D---- C:\WINDOWS\Tasks
2018-08-14 14:40:18 ----D---- C:\WINDOWS\system32\Tasks
2018-08-14 14:40:00 ----D---- C:\WINDOWS\Prefetch
2018-08-14 14:00:00 ----D---- C:\WINDOWS\system32\sru
2018-08-14 12:52:14 ----D---- C:\WINDOWS\System32
2018-08-14 12:52:14 ----D---- C:\WINDOWS\Inf
2018-08-14 12:52:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-14 12:28:57 ----D---- C:\WINDOWS\system32\drivers\etc
2018-08-14 12:12:56 ----D---- C:\ProgramData\Synaptics
2018-08-14 05:50:28 ----D---- C:\WINDOWS\Microsoft.NET
2018-08-13 16:08:19 ----SHD---- C:\System Volume Information
2018-08-13 11:28:08 ----D---- C:\WINDOWS\system32\NDF
2018-08-13 10:53:12 ----D---- C:\Program Files (x86)\Intel Driver Update Utility
2018-08-13 10:25:37 ----AD---- C:\Windows
2018-08-10 11:20:15 ----D---- C:\WINDOWS\system32\drivers
2018-08-10 11:19:19 ----D---- C:\WINDOWS\system32\DriverStore
2018-08-10 10:38:08 ----D---- C:\Program Files\Common Files
2018-08-06 16:01:28 ----D---- C:\WINDOWS\Minidump
2018-08-06 16:01:23 ----D---- C:\WINDOWS\debug
2018-08-06 09:55:36 ----D---- C:\WINDOWS\system32\config
2018-08-02 11:56:58 ----D---- C:\Users\User\AppData\Roaming\vlc
2018-07-30 12:27:19 ----D---- C:\WINDOWS\WinSxS
2018-07-30 12:26:01 ----D---- C:\WINDOWS\system32\catroot2
2018-07-30 12:18:38 ----D---- C:\WINDOWS\rescache
2018-07-30 10:16:18 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2018-07-28 17:52:19 ----D---- C:\WINDOWS\CbsTemp
2018-07-28 17:51:59 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-07-28 17:51:59 ----D---- C:\WINDOWS\SysWOW64
2018-07-28 17:51:59 ----D---- C:\WINDOWS\system32\en-US
2018-07-28 17:30:14 ----D---- C:\WINDOWS\system32\catroot
2018-07-26 09:50:10 ----D---- C:\Users\User\AppData\Roaming\Mozilla
2018-07-25 12:40:07 ----RSD---- C:\WINDOWS\assembly
2018-07-23 10:14:46 ----RD---- C:\WINDOWS\ToastData
2018-07-23 10:14:43 ----D---- C:\WINDOWS\system32\Boot
2018-07-23 10:14:42 ----RSD---- C:\WINDOWS\Fonts
2018-07-23 10:14:42 ----D---- C:\WINDOWS\apppatch
2018-07-23 10:14:34 ----D---- C:\WINDOWS\system32\appraiser
2018-07-23 08:58:06 ----D---- C:\WINDOWS\system32\MRT
2018-07-23 08:45:36 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-07-20 15:18:16 ----D---- C:\WINDOWS\ELAMBKUP
2018-07-20 09:47:58 ----SD---- C:\Users\User\AppData\Roaming\Microsoft
2018-07-17 00:02:20 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2018-07-16 09:08:24 ----D---- C:\WINDOWS\system32\Macromed
2018-07-16 09:08:21 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-07-15 13:43:03 ----RSD---- C:\WINDOWS\Media
2018-07-15 13:32:46 ----D---- C:\Program Files (x86)\Mozilla Thunderbird

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2018-04-17 1723552]
R0 LubSec;LubSec; C:\WINDOWS\System32\Drivers\LubSec.sys [2014-02-22 45304]
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys [2018-06-28 609576]
R1 atc;atc; C:\WINDOWS\system32\DRIVERS\atc.sys [2018-04-27 1283464]
R1 ElRawDisk;ElRawDisk; \??\C:\WINDOWS\system32\drivers\ElRawDsk.sys [2013-12-03 30752]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2018-04-11 27552]
R1 RawDisk3;RawDisk3; \??\C:\WINDOWS\system32\drivers\rawdsk3.sys [2016-02-19 41576]
R1 SMIDriver;SMIDriver; C:\WINDOWS\system32\drivers\smi.sys [2014-01-22 19760]
R2 BdDci;BdDci Service; C:\WINDOWS\system32\DRIVERS\bddci.sys [2018-07-06 153160]
R3 ACPIVPC;@oem38.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-12-31 35576]
R3 AthBTPort;@oem33.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-12-24 89800]
R3 athr;@oem53.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2018-04-11 4307192]
R3 BTATH_A2DP;@oem32.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-12-24 338120]
R3 btath_avdt;@oem32.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-12-24 116424]
R3 BTATH_BUS;@oem30.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-12-24 34384]
R3 BTATH_HCRP;@oem35.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-12-24 179432]
R3 BTATH_LWFLT;@oem37.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-12-24 77464]
R3 BTATH_RCP;@oem39.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-12-24 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2018-04-11 65808]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2018-05-29 193184]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-09-09 3797416]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2018-05-03 5842912]
R3 IntcDAud;@oem60.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2018-04-11 480800]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-03-18 167424]
R3 RSP2STOR;@oem62.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2018-04-11 329664]
R3 RTL8168;@oem61.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2018-04-11 992704]
R3 rtsuvc;@oem58.inf,%rtsuvc.DeviceDesc%;EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2018-04-11 3127552]
R3 SynTP;@oem13.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-01-24 532720]
R3 TXEIx64;@oem54.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\WINDOWS\System32\drivers\TXEIx64.sys [2018-04-11 88592]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2018-04-19 23032]
S1 mzgqzlkd;mzgqzlkd; \??\C:\WINDOWS\system32\drivers\mzgqzlkd.sys []
S2 LubFsFlt;LubFsFlt; \??\C:\windows\System32\Drivers\LubFsFlt.sys [2014-02-22 27384]
S3 bdprivmon;bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys [2018-04-20 45104]
S3 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [2018-04-27 96448]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dg_ssudbus;@oem48.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 FTDIBUS;@oem5.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2016-02-01 110912]
S3 FTSER2K;@oem66.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2016-02-01 95168]
S3 GemCCID;GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [2016-10-17 137712]
S3 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2018-05-04 191592]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2016-10-18 21984]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-01-24 34544]
S3 ssudmdm;@oem49.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 tap0901;@oem52.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2016-04-21 27136]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2014-03-18 121088]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-12-24 318592]
R2 BDAuxSrv;Bitdefender Auxiliary Service; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [2018-07-11 500696]
R2 bdredline;Bitdefender RedLine Service; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2018-03-22 2195320]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 DSAService;Intel(R) Driver and Support Assistant; C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe [2017-08-10 22264]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-09-09 330144]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-12-31 198192]
R2 ProductAgentService;Bitdefender Product Agent Service; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2018-07-31 1284032]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2017-01-16 752224]
R2 SystemUsageReportSvc_QUEENCREEK;Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [2017-03-07 157456]
R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [2018-07-09 112144]
R2 USBBKSvc;USBBKSvc; C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe [2013-12-25 35824]
R2 valWBFPolicyService;@oem34.inf,%WBFService_SvcDesc%;Validity WBF Policy Service; C:\WINDOWS\system32\valWBFPolicyService.exe [2018-04-11 88400]
R2 VSSERV;Bitdefender Virus Shield; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [2018-07-12 810352]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\p System explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-09-09 291736]
S3 ESRV_SVC_QUEENCREEK;Energy Server Service queencreek; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [2017-03-07 824592]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-25 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 USER_ESRV_SVC_QUEENCREEK;User Energy Server Service queencreek; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [2017-03-07 824592]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-14 153752]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-14 153752]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15198
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Log check

#4 Post by JaRon »

FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

lavega
Visitor
Posts: 63
Registered: 28 Oct 2012 09:07

Re: Log check

#5 Post by lavega »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by User (administrator) on NOTEB50 (14-08-2018 15:25:39)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 8.1 Connected (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(f.lux Software LLC) C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Vivaldi Technologies AS) C:\Users\User\AppData\Local\Vivaldi\Application\update_notifier.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSATray.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Mister Group) C:\Program Files (x86)\p System explorer\SystemExplorer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mister Group) C:\Program Files (x86)\p System explorer\service\SystemExplorerService64.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384360 2018-05-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-05-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-05-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-05-03] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5158144 2018-04-11] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-12-31] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10973168 2014-12-31] (Lenovo(beijing) Limited)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [485160 2018-07-17] (Bitdefender)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe [137976 2017-08-10] (Intel)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\p System explorer\SystemExplorer.exe" /TRAY
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] (Atheros Communications)
HKU\S-1-5-21-470771851-3400142543-3540521528-1001\...\Run: [f.lux] => C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe [1806344 2018-07-03] (f.lux Software LLC)
HKU\S-1-5-21-470771851-3400142543-3540521528-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1184928 2018-05-02] (Samsung)
HKU\S-1-5-21-470771851-3400142543-3540521528-1001\...\Run: [Vivaldi Update Notifier] => C:\Users\User\AppData\Local\Vivaldi\Application\update_notifier.exe [1495624 2018-08-06] (Vivaldi Technologies AS)
HKU\S-1-5-21-470771851-3400142543-3540521528-1001\...\MountPoints2: {17487e29-0025-11e8-826f-d0534907858a} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-470771851-3400142543-3540521528-1001\...\MountPoints2: {26a61fde-9151-11e7-826a-d0534907858a} - "G:\autorun.exe"
HKU\S-1-5-21-470771851-3400142543-3540521528-1001\...\MountPoints2: {46d9f2cd-da88-11e7-826e-d0534907858a} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-470771851-3400142543-3540521528-1001\...\MountPoints2: {46d9fe0f-da88-11e7-826e-d0534907858a} - "H:\autorun.exe"
HKU\S-1-5-21-470771851-3400142543-3540521528-1001\...\MountPoints2: {69e3820d-ae5a-11e7-826c-d0534907858a} - "H:\HiSuiteDownLoader.exe"
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2DD903A8-4D0A-4393-94D5-77468828C304}: [NameServer] 8.8.4.4
Tcpip\..\Interfaces\{2DD903A8-4D0A-4393-94D5-77468828C304}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FE035D8F-DB7A-4167-AD42-5642EBC78DD6}: [DhcpNameServer] 169.254.54.64

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-470771851-3400142543-3540521528-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-470771851-3400142543-3540521528-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-470771851-3400142543-3540521528-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-470771851-3400142543-3540521528-1001 -> {333FCE25-6272-4987-B689-B1928B7A20B9} URL =
SearchScopes: HKU\S-1-5-21-470771851-3400142543-3540521528-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10438__180618__yaie&p={searchTerms}
BHO: Bitdefender - Portmonka -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-07-09] (Bitdefender)
BHO-x32: Bitdefender - Portmonka -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-07-09] (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-18] (Oracle Corporation)
Toolbar: HKLM - Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-07-09] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-07-09] (Bitdefender)
Toolbar: HKU\S-1-5-21-470771851-3400142543-3540521528-1001 -> Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-07-09] (Bitdefender)

FireFox:
========
FF DefaultProfile: 6j2z2cg2.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\6j2z2cg2.default [2018-08-14]
FF Homepage: Moonchild Productions\Pale Moon\Profiles\6j2z2cg2.default -> hxxp://www.shmu.sk/sk/?page=1&id=meteo_num_mgr ... esto=31434
FF NewTab: Moonchild Productions\Pale Moon\Profiles\6j2z2cg2.default -> about:newtab
FF Extension: (Geocaching.com GPX Downloader) - C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\6j2z2cg2.default\Extensions\gpxdown@geocaching.com.xpi [2018-06-13] [Legacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\6j2z2cg2.default\Extensions\langpack-cs@palemoon.org.xpi [2018-06-18] [Legacy] [not signed]
FF Extension: (LastPass) - C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\6j2z2cg2.default\Extensions\support@lastpass.com [2018-04-26] [Legacy]
FF Extension: (Thumbnail Zoom Plus) - C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\6j2z2cg2.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2018-04-26] [Legacy]
FF Extension: (uBlock Origin) - C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\6j2z2cg2.default\Extensions\uBlock0@raymondhill.net.xpi [2018-04-26] [Legacy]
FF Extension: (SEO Site Tools, Site Analysis) - C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\6j2z2cg2.default\Extensions\{e30e9060-21d5-11e3-8224-0800200c9a66} [2018-04-26] [Legacy]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\6j2z2cg2.default\searchplugins\openstreetmap.xml [2018-04-26]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\6j2z2cg2.default\searchplugins\startpage.xml [2018-04-26]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF Extension: (No Name) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff [2018-07-20]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2018-07-20] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-16] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-18] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-04-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: JFGuide -> C:\Program Files (x86)\NetSurveillance\CMS\npGuide.dll [2016-11-18] ()
FF Plugin-x32: JFWeb -> C:\Program Files (x86)\NetSurveillance\CMS\npWebPlugin.dll [2017-02-27] ()
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-470771851-3400142543-3540521528-1001: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-470771851-3400142543-3540521528-1001: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-470771851-3400142543-3540521528-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-470771851-3400142543-3540521528-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-470771851-3400142543-3540521528-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-04-24] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.shmu.sk/sk/?page=1&id=meteo_num_mgr ... itysturovo"
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2018-08-14]
CHR Extension: (Prezentácie) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-13]
CHR Extension: (CacheList) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa [2018-06-13]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-13]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-13]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-13]
CHR Extension: (uBlock Origin) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-07-25]
CHR Extension: (ARC Welder) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2018-07-24]
CHR Extension: (Tabuľky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-13]
CHR Extension: (Bitdefender Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2018-08-10]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-14]
CHR Extension: (Super Zoom) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnamdgilanlgeeljfnckhboobddoahbl [2018-07-26]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-08-13]
CHR Extension: (Anonymous) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iceilgfippckmaabaghcnfmieeccoipf [2018-07-26]
CHR Extension: (App Runtime for Chrome (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2018-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-13]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-13]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-07]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows (R) Win 7 DDK provider) [File not signed]
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [500696 2018-07-11] (Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-03-22] (Bitdefender)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R2 DSAService; C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe [22264 2017-08-10] (Intel)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330144 2015-09-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-12-31] (Lenovo(beijing) Limited)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1284032 2018-07-31] (Bitdefender)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R3 SystemExplorerHelpService; C:\Program Files (x86)\p System explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [157456 2017-03-07] ()
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [112144 2018-07-09] (Bitdefender)
R2 USBBKSvc; C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe [35824 2013-12-25] (Lenovo(beijing) Limited)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [88400 2018-04-11] (Synaptics Incorporated)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [810352 2018-07-12] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-12-24] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1283464 2018-04-27] (BitDefender S.R.L. Bucharest, ROMANIA)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [4307192 2018-04-11] (Qualcomm Atheros Communications, Inc.)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1723552 2018-04-17] (BitDefender)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [153160 2018-07-06] (Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23032 2018-04-19] (Bitdefender)
S3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [45104 2018-04-20] (© Bitdefender SRL)
S3 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-04-27] (BitDefender)
R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\ElRawDsk.sys [30752 2013-12-03] (EldoS Corporation)
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [137712 2016-10-17] (Gemalto)
R3 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [193184 2018-05-29] (BitDefender LLC)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-04-11] (REALiX(tm))
S3 Ignis; C:\WINDOWS\System32\DRIVERS\ignis.sys [191592 2018-05-04] (Bitdefender)
S2 LubFsFlt; C:\windows\System32\Drivers\LubFsFlt.sys [27384 2014-02-22] (Lenovo(beijing) Limited)
R0 LubSec; C:\WINDOWS\System32\Drivers\LubSec.sys [45304 2014-02-22] (Lenovo(beijing) Limited)
S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R1 RawDisk3; C:\WINDOWS\system32\drivers\rawdsk3.sys [41576 2016-02-19] (EldoS Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [329664 2018-04-11] (Realtek Semiconductor Corp.)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3127552 2018-04-11] (Realtek Semiconductor Corp.)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-24] (Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\System32\drivers\smi.sys [19760 2014-01-22] (Windows (R) Win 7 DDK provider)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [609576 2018-06-28] (Bitdefender)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2018-04-11] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S1 mzgqzlkd; \??\C:\WINDOWS\system32\drivers\mzgqzlkd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-14 15:25 - 2018-08-14 15:26 - 000028325 _____ C:\Users\User\Desktop\FRST.txt
2018-08-14 15:25 - 2018-08-14 15:25 - 000000000 ____D C:\FRST
2018-08-14 15:24 - 2018-08-14 15:24 - 002412544 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2018-08-14 15:18 - 2018-08-14 15:17 - 000112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2018-08-14 15:17 - 2018-08-14 15:17 - 000112640 _____ (forum.viry.cz) C:\Users\User\Downloads\FRSTLauncher.exe
2018-08-14 15:15 - 2018-08-14 15:15 - 000112640 _____ (forum.viry.cz) C:\Users\User\Downloads\Nepotvrdené 362566.crdownload
2018-08-14 15:15 - 2018-08-14 15:15 - 000112640 _____ (forum.viry.cz) C:\Users\User\Desktop\Nepotvrdené 389670.crdownload
2018-08-14 15:12 - 2018-08-14 15:12 - 000112640 _____ (forum.viry.cz) C:\Users\User\Downloads\Nepotvrdené 876422.crdownload
2018-08-14 12:47 - 2018-08-14 12:47 - 005660586 _____ C:\Users\User\Downloads\ComboFix.rar
2018-08-14 12:47 - 2018-08-14 12:47 - 000658821 _____ C:\Users\User\Downloads\RSITx64.rar
2018-08-14 12:47 - 2018-08-14 12:47 - 000513982 _____ C:\Users\User\Downloads\RegCleaner.rar
2018-08-14 12:47 - 2018-08-14 12:47 - 000300395 _____ C:\Users\User\Downloads\hijackthis.rar
2018-08-14 12:23 - 2018-08-14 12:23 - 005660510 _____ (Swearware) C:\Users\User\Downloads\ComboFix.exe
2018-08-14 12:21 - 2018-08-14 14:42 - 000000000 ____D C:\Program Files\trend micro
2018-08-14 12:21 - 2018-08-14 12:21 - 000000000 ____D C:\rsit
2018-08-14 12:20 - 2018-08-14 12:20 - 001222144 _____ C:\Users\User\Downloads\RSITx64.exe
2018-08-14 12:02 - 2018-08-14 12:02 - 000000000 ____D C:\Program Files (x86)\RegCleaner
2018-08-14 11:13 - 2018-08-14 11:13 - 000000000 ____D C:\Users\User\Downloads\backups
2018-08-14 11:11 - 2018-08-14 11:11 - 000388608 _____ (Trend Micro Inc.) C:\Users\User\Downloads\hijackthis.exe
2018-08-14 11:10 - 2018-08-14 11:10 - 000553687 _____ C:\Users\User\Downloads\RegCleaner.exe
2018-08-13 10:32 - 2018-08-13 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAC MW klient
2018-08-13 10:32 - 2018-08-13 10:32 - 000000000 ____D C:\Program Files (x86)\EAC MW klient
2018-08-13 08:57 - 2018-08-13 08:57 - 001038438 _____ C:\Users\User\Downloads\2018-08-12T19-33_Transaction_1733898583389398-3645159.pdf
2018-08-10 11:20 - 2018-08-10 11:20 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-08-10 11:10 - 2018-08-10 11:11 - 034944136 _____ (SUPERAntiSpyware) C:\Users\User\Downloads\SUPERAntiSpyware.exe
2018-08-10 11:00 - 2018-08-10 11:00 - 000035941 _____ C:\ProgramData\dm.uninstall.1533891627.bdinstall.bin
2018-08-10 10:59 - 2018-08-10 10:59 - 000057975 _____ C:\ProgramData\dm.1533891464.bdinstall.bin
2018-08-10 10:58 - 2018-08-10 10:58 - 000000000 ____D C:\ProgramData\Bitdefender Device Management
2018-08-10 10:57 - 2018-08-14 08:43 - 000001146 _____ C:\bdlog.txt
2018-08-10 10:57 - 2018-08-10 10:57 - 000395839 _____ C:\ProgramData\cl.1533890334.bdinstall.bin
2018-08-10 10:57 - 2018-08-10 10:57 - 000045826 _____ C:\ProgramData\cl.kit.1533890287.bdinstall.bin
2018-08-10 10:56 - 2018-08-10 10:56 - 000000000 ____D C:\ProgramData\Atc
2018-08-10 10:49 - 2018-08-10 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2018-08-10 10:49 - 2018-08-10 10:49 - 000000000 ____D C:\ProgramData\BDLogging
2018-08-10 10:48 - 2018-08-10 10:48 - 000002544 _____ C:\Users\User\AppData\Local\recently-used.xbel
2018-08-10 10:48 - 2018-07-06 18:01 - 000153160 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2018-08-10 10:48 - 2018-04-27 08:45 - 000096448 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2018-08-10 10:48 - 2018-04-27 06:29 - 001283464 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2018-08-10 10:48 - 2018-04-20 08:25 - 000045104 _____ (© Bitdefender SRL) C:\WINDOWS\system32\Drivers\bdprivmon.sys
2018-08-10 10:48 - 2018-04-19 08:37 - 000023032 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2018-08-10 10:48 - 2018-04-17 11:27 - 001723552 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2018-08-10 10:48 - 2007-04-11 11:11 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2018-08-10 10:47 - 2018-05-04 16:19 - 000191592 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2018-08-10 10:46 - 2018-08-10 10:57 - 000000000 ____D C:\Users\User\AppData\Roaming\Bitdefender
2018-08-10 10:40 - 2018-08-10 10:40 - 000000000 ____D C:\Users\User\AppData\Roaming\QuickScan
2018-08-10 10:39 - 2018-08-14 12:37 - 000000000 ____D C:\ProgramData\Bitdefender
2018-08-10 10:39 - 2018-08-13 10:25 - 000000000 ____D C:\Program Files\Bitdefender
2018-08-10 10:39 - 2018-06-28 14:39 - 000609576 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2018-08-10 10:39 - 2018-05-29 05:04 - 000193184 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2018-08-10 10:38 - 2018-08-10 10:39 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2018-08-10 10:34 - 2018-08-14 12:15 - 000003648 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2018-08-10 10:32 - 2018-08-10 10:59 - 000000000 ____D C:\Program Files\Bitdefender Agent
2018-08-10 10:32 - 2018-08-10 10:32 - 000047325 _____ C:\ProgramData\agent.1533889940.bdinstall.bin
2018-08-10 10:32 - 2018-08-10 10:32 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2018-08-10 10:30 - 2018-08-10 10:31 - 011535760 _____ C:\Users\User\Downloads\bitdefender_windows_e0c1f17b-3efb-4933-90e7-1d15fedcccdd.exe
2018-08-07 11:31 - 2018-08-07 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2018-08-07 11:30 - 2018-08-08 09:41 - 000000000 ____D C:\Program Files (x86)\WinHTTrack
2018-08-06 16:01 - 2018-08-06 16:01 - 411361048 _____ C:\WINDOWS\MEMORY.DMP
2018-08-06 16:01 - 2018-08-06 16:01 - 000285168 _____ C:\WINDOWS\Minidump\080618-30265-01.dmp
2018-08-06 14:33 - 2018-08-06 14:33 - 000156200 _____ C:\Users\User\Downloads\obec bajtava zverejnuje zamer- na priamy odpredaj pozemku.pdf
2018-08-06 14:32 - 2018-08-06 14:32 - 000408520 _____ C:\Users\User\Downloads\vyberove konanie ms 2018.pdf
2018-08-06 14:32 - 2018-08-06 14:32 - 000268633 _____ C:\Users\User\Downloads\zamer prenajmu nehnutelneho majetku obce (1).pdf
2018-08-06 08:50 - 2018-08-10 11:29 - 000000000 ____D C:\Users\User\AppData\Roaming\system32
2018-08-03 08:56 - 2018-08-03 14:32 - 000115712 _____ C:\Users\User\Documents\Porovn.kalk_ext (1).xlsm
2018-08-03 08:49 - 2018-08-03 08:49 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-08-03 08:49 - 2018-08-03 08:49 - 000002195 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-08-03 08:49 - 2018-08-03 08:49 - 000000000 ____D C:\Program Files\Google
2018-07-30 10:16 - 2018-07-30 10:16 - 000000000 ____D C:\ProgramData\iolo
2018-07-30 09:27 - 2018-07-30 09:27 - 000268633 _____ C:\Users\User\Downloads\zamer prenajmu nehnutelneho majetku obce.pdf
2018-07-30 09:27 - 2018-07-30 09:27 - 000037293 _____ C:\Users\User\Downloads\su.pdf
2018-07-28 19:26 - 2018-07-28 19:26 - 000000000 ____D C:\ProgramData\Tencent
2018-07-28 19:22 - 2018-07-28 19:26 - 000000000 ____D C:\Users\User\AppData\Roaming\Tencent
2018-07-28 17:51 - 2018-07-28 17:51 - 000030400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2018-07-28 17:51 - 2018-07-28 17:51 - 000028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2018-07-28 17:29 - 2018-07-28 17:38 - 000000000 __SHD C:\Users\User\wc
2018-07-28 17:28 - 2018-07-28 17:29 - 000000000 __SHD C:\Users\User\AppData\Roaming\wyUpdate AU
2018-07-28 17:22 - 2018-07-28 17:22 - 000000116 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2018-07-28 17:22 - 2018-07-28 17:22 - 000000000 ____D C:\Users\User\AppData\Roaming\Delphi
2018-07-28 17:22 - 2018-07-28 17:22 - 000000000 ____D C:\ProgramData\Delphi
2018-07-28 17:22 - 2018-07-28 17:22 - 000000000 ____D C:\ProgramData\Common Diagnostics
2018-07-28 17:03 - 2016-02-01 14:51 - 000316352 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftd2xx.dll
2018-07-28 17:03 - 2016-02-01 14:51 - 000274872 _____ (FTDI Ltd.) C:\WINDOWS\system32\FTLang.dll
2018-07-28 17:03 - 2016-02-01 14:51 - 000274360 _____ (FTDI Ltd.) C:\WINDOWS\SysWOW64\ftd2xx.dll
2018-07-28 17:03 - 2016-02-01 14:51 - 000168384 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftbusui.dll
2018-07-28 17:03 - 2016-02-01 14:51 - 000110912 _____ (FTDI Ltd.) C:\WINDOWS\system32\Drivers\ftdibus.sys
2018-07-28 17:03 - 2016-02-01 14:51 - 000095168 _____ (FTDI Ltd.) C:\WINDOWS\system32\Drivers\ftser2k.sys
2018-07-28 17:03 - 2016-02-01 14:51 - 000075200 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftcserco.dll
2018-07-28 17:03 - 2016-02-01 14:51 - 000065472 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftserui2.dll
2018-07-26 16:57 - 2018-07-26 16:57 - 000000000 ____D C:\Users\User\AppData\Roaming\inkscape
2018-07-26 16:55 - 2018-07-26 16:55 - 000000918 _____ C:\Users\Public\Desktop\Inkscape 0.92.3.lnk
2018-07-26 16:54 - 2018-07-26 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.92.3
2018-07-26 16:54 - 2018-07-26 16:55 - 000000000 ____D C:\Program Files\Inkscape
2018-07-26 16:52 - 2018-07-26 16:52 - 083605743 _____ C:\Users\User\Downloads\inkscape-0.92.3-x64.msi
2018-07-26 10:20 - 2018-07-26 10:20 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome
2018-07-20 10:04 - 2018-06-20 22:01 - 007398232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-07-20 10:04 - 2018-06-15 05:01 - 004169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2018-07-20 10:04 - 2018-06-12 10:00 - 022374248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-07-20 10:04 - 2018-06-12 09:57 - 019790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-07-20 10:04 - 2018-06-11 18:55 - 025744896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-07-20 10:04 - 2018-06-11 18:36 - 003119616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-07-20 10:04 - 2018-06-11 18:06 - 005779968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-07-20 10:04 - 2018-06-11 17:36 - 015283200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-07-20 10:04 - 2018-06-09 18:40 - 020286976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-07-20 10:04 - 2018-06-09 17:37 - 004496384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-07-20 10:04 - 2018-06-09 17:36 - 013680128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-07-20 10:04 - 2018-05-24 23:29 - 002449752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-07-20 10:04 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-20 10:04 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-20 10:03 - 2018-06-20 21:44 - 001676064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-07-20 10:03 - 2018-06-20 21:44 - 001536120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-07-20 10:03 - 2018-06-20 20:48 - 000095744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2018-07-20 10:03 - 2018-06-20 20:48 - 000027136 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fxppm.sys
2018-07-20 10:03 - 2018-06-20 18:58 - 000098816 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2018-07-20 10:03 - 2018-06-20 18:58 - 000098816 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2018-07-20 10:03 - 2018-06-20 18:58 - 000092672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2018-07-20 10:03 - 2018-06-11 18:14 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-07-20 10:03 - 2018-06-11 18:04 - 000794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-07-20 10:03 - 2018-06-11 17:39 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-07-20 10:03 - 2018-06-11 17:31 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-07-20 10:03 - 2018-06-11 17:22 - 003241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-07-20 10:03 - 2018-06-11 17:11 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-07-20 10:03 - 2018-06-11 16:59 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-07-20 10:03 - 2018-06-09 18:26 - 002712064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-07-20 10:03 - 2018-06-09 18:09 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-07-20 10:03 - 2018-06-09 17:59 - 000662016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-07-20 10:03 - 2018-06-09 17:37 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-07-20 10:03 - 2018-06-09 17:32 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-07-20 10:03 - 2018-06-09 17:11 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-07-20 10:03 - 2018-06-09 17:08 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-07-20 10:03 - 2018-06-09 17:06 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-07-20 10:03 - 2018-06-09 04:47 - 002176072 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-07-20 10:03 - 2018-06-09 03:44 - 001565528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-07-20 10:03 - 2018-06-08 20:26 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-07-20 10:03 - 2018-06-08 19:54 - 000656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-07-20 10:03 - 2018-06-08 19:53 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-07-20 10:03 - 2018-06-08 19:07 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-07-20 10:03 - 2018-06-08 18:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-07-20 10:03 - 2018-06-07 20:51 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-07-20 10:03 - 2018-05-24 23:29 - 000428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2018-07-20 10:03 - 2018-05-15 10:42 - 000590680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-07-20 10:03 - 2018-05-04 01:02 - 000439640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2018-07-20 10:03 - 2018-05-04 01:02 - 000325456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-07-20 10:03 - 2018-05-04 01:02 - 000187728 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2018-07-20 10:03 - 2018-04-26 15:43 - 000918296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-07-20 10:03 - 2018-04-26 15:43 - 000065880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:43 - 000021848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:43 - 000018776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:43 - 000017240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:43 - 000017240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:43 - 000015704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:43 - 000015192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:43 - 000013656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:43 - 000013152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:43 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:43 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000063832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000020824 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000019288 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000017752 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000017752 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000016216 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000014168 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000013656 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000012632 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-20 10:03 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-20 10:03 - 2018-04-25 19:38 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-07-20 10:03 - 2018-03-10 19:51 - 000685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-07-20 09:47 - 2018-07-20 09:48 - 000000000 ____D C:\Users\User\AppData\Roaming\Skype
2018-07-15 13:57 - 2018-07-15 13:57 - 000000000 ____D C:\Users\User\AppData\Roaming\ioloGovernor
2018-07-15 13:50 - 2018-07-15 13:50 - 000000000 ____D C:\Users\User\AppData\Local\iolo
2018-07-15 13:50 - 2018-07-15 13:50 - 000000000 ____D C:\Program Files\Common Files\iolo
2018-07-15 13:48 - 2018-07-28 17:04 - 000000000 ____D C:\Users\User\AppData\Local\Downloaded Installations
2018-07-15 13:48 - 2018-06-12 21:01 - 000149632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-07-15 13:48 - 2018-06-08 15:15 - 002860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-07-15 13:48 - 2018-06-08 15:15 - 001602048 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-07-15 13:48 - 2018-06-08 15:15 - 000783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-07-15 13:48 - 2018-06-08 15:15 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-07-15 13:48 - 2018-06-08 15:15 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-07-15 13:48 - 2018-06-08 15:15 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2018-07-15 13:48 - 2018-06-08 15:15 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-07-15 13:48 - 2018-06-08 15:15 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-07-15 13:48 - 2018-06-08 15:15 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-07-15 13:46 - 2018-07-15 13:46 - 000074703 _____ C:\WINDOWS\SysWOW64\mfc45.dat
2018-07-15 13:45 - 2018-07-15 13:45 - 000000000 ____D C:\Users\User\AppData\Roaming\iolo

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-14 14:45 - 2017-04-12 14:57 - 000003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-470771851-3400142543-3540521528-1001
2018-08-14 12:52 - 2014-03-18 11:53 - 000863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-14 12:52 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2018-08-14 12:40 - 2018-06-05 13:33 - 000000000 ____D C:\Users\User\Downloads\M OJ E
2018-08-14 12:16 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2018-08-14 12:15 - 2017-04-14 05:33 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2018-08-14 12:14 - 2018-04-16 10:56 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2018-08-14 12:13 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-14 12:12 - 2018-04-11 16:03 - 000000000 ____D C:\ProgramData\Synaptics
2018-08-14 09:18 - 2018-04-09 13:46 - 000000000 ____D C:\Users\User\Documents\Tlačivá
2018-08-13 16:02 - 2018-04-24 13:26 - 000000000 ____D C:\Users\User\Documents\Do vykladu
2018-08-13 13:29 - 2018-01-30 11:57 - 000000000 ____D C:\Users\User\Documents\! REALITY
2018-08-13 11:28 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-13 10:54 - 2018-05-29 15:37 - 000002300 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2018-08-13 10:54 - 2018-05-29 15:37 - 000002263 _____ C:\Users\User\Desktop\Vivaldi.lnk
2018-08-13 10:54 - 2018-05-29 15:37 - 000000000 ____D C:\Users\User\AppData\Local\Vivaldi
2018-08-13 10:53 - 2017-09-11 12:41 - 000000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2018-08-13 10:29 - 2018-04-03 13:02 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-08-10 10:02 - 2018-04-03 11:31 - 000000000 ____D C:\Users\User\Desktop\WIWA vizitky logo
2018-08-09 08:56 - 2018-06-13 13:10 - 000002451 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-07 10:11 - 2018-05-14 13:29 - 000000000 ____D C:\Users\User\Documents\WebAdmin
2018-08-07 09:18 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-08-06 16:01 - 2018-05-11 16:08 - 000000000 ____D C:\WINDOWS\Minidump
2018-08-02 13:49 - 2018-07-11 11:38 - 000000000 ____D C:\Users\User\Documents\Domonkos
2018-08-02 11:56 - 2017-04-14 06:10 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2018-07-30 12:18 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2018-07-30 11:50 - 2018-02-06 10:24 - 000000000 ____D C:\Users\User\Documents\FIRMA WIWA
2018-07-30 10:16 - 2014-12-31 01:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-07-30 08:55 - 2018-02-07 10:34 - 000000000 ____D C:\Users\User\Documents\Bluetooth Folder
2018-07-28 17:52 - 2013-08-22 17:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-07-28 17:07 - 2018-02-06 10:44 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2018-07-26 16:51 - 2018-02-06 12:12 - 000000000 ____D C:\Users\User\.gimp-2.8
2018-07-26 09:50 - 2017-04-14 05:27 - 000000000 ____D C:\Users\User\AppData\Roaming\Mozilla
2018-07-23 10:23 - 2013-08-22 16:44 - 000483736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-07-23 10:14 - 2018-02-15 11:47 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-07-23 10:14 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2018-07-23 08:58 - 2018-02-06 17:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-07-23 08:45 - 2018-02-06 17:40 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-07-20 15:18 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\ELAMBKUP
2018-07-17 00:02 - 2018-02-26 13:20 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-07-16 14:11 - 2018-02-21 12:38 - 000000778 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Nehnuteľnosti.sk Reality, špecialisti na realitnú inzerciu..website
2018-07-16 09:08 - 2018-05-03 11:24 - 000004458 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-16 09:08 - 2017-04-14 09:21 - 000000000 ____D C:\Users\User\AppData\Local\Adobe
2018-07-16 09:08 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-07-16 09:08 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-07-15 13:43 - 2013-08-22 17:36 - 000000000 __RSD C:\WINDOWS\Media
2018-07-15 13:32 - 2018-03-05 16:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Files in the root of some directories =======

2017-04-12 14:55 - 2017-04-12 14:55 - 000000000 _____ () C:\Users\User\AppData\Roaming\AbsoluteReminder.xml
2018-04-10 11:58 - 2015-10-29 00:22 - 000000115 _____ () C:\Users\User\AppData\Roaming\key.txt
2018-08-10 10:48 - 2018-08-10 10:48 - 000002544 _____ () C:\Users\User\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
2018-08-14 14:39 - 2018-08-14 14:39 - 003437504 _____ (Geek Unіnstaller) C:\Users\User\AppData\Local\Temp\geek64.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\User\Desktop" je 1077 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

JaRon
Moderator
Posts: 15198
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Log check

#6 Post by JaRon »

Clean the PC with AdwCleaner and post the log here.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

lavega
Visitor
Posts: 63
Joined: 28 Oct 2012 09:07

Re: Log check

#7 Post by lavega »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-10.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-15-2018
# Duration: 00:00:16
# OS: Windows 8.1 Connected
# Cleaned: 32
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\User\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\ProgramData\Auslogics
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean
Deleted C:\Program Files (x86)\BlueSprig
Deleted C:\Users\User\AppData\Roaming\BlueSprig
Deleted C:\ProgramData\Pokki
Deleted C:\Users\Public\Pokki
Deleted C:\ProgramData\Tencent
Deleted C:\Users\User\AppData\Local\Temp\Tencent
Deleted C:\Users\User\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\JetCleanLoginCheckUpdate

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM1
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM0
Deleted HKLM\Software\Wow6432Node\Auslogics
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BlueSprig_JetClean_is1
Deleted HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\JetClean Ext Menu
Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\JetClean Ext Menu
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}
Deleted HKLM\Software\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}
Deleted HKLM\Software\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}
Deleted HKLM\Software\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{979FB0BF-CD4F-4499-84C0-9BD5E4E074AE}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JetCleanLoginCheckUpdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{ABBB74E0-20C0-4392-A157-3633A99710BA}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3B899A9A-0C5A-4A42-A31F-827C7AE75443}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4457 octets] - [15/08/2018 08:42:14]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Last edited by lavega on 15 Aug 2018 08:26, edited 1 time in total.

JaRon
Moderator
Posts: 15198
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Log check

#8 Post by JaRon »

Use ADWCleaner - the Clean function
+
Quote:
Creating a fixlist for FRST
• Open Notepad (Start - Run - notepad)
• Copy the script >>

Code:

Start
S1 mzgqzlkd; \??\C:\WINDOWS\system32\drivers\mzgqzlkd.sys [X]


EmptyTemp:
Reboot:
End
• Save the resulting TXT file as fixlist.txt
• Move the fixlist you created into the same folder as FRST

→ Run FRST.exe again
• Click Fix
• The fix will run and create the log Fixlog.txt

→ Restart the PC and post fixlog.txt here for me

lavega
Visitor
Posts: 63
Joined: 28 Oct 2012 09:07

Re: Log check

#9 Post by lavega »

Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by User (15-08-2018 10:04:35) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
S1 mzgqzlkd; \??\C:\WINDOWS\system32\drivers\mzgqzlkd.sys [X]


EmptyTemp:
Reboot:
End
*****************

"HKLM\System\CurrentControlSet\Services\mzgqzlkd" => removed successfully
mzgqzlkd => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24233413 B
Java, Flash, Steam htmlcache => 1124 B
Windows/system/drivers => 119284 B
Edge => 0 B
Chrome => 250802700 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 6514 B
NetworkService => 84458 B
User => 936421166 B

RecycleBin => 65189169 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:05:40 ====

JaRon
Moderator
Posts: 15198
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Log check

#10 Post by JaRon »

Restart the PC and let me know whether there are still any problems.

lavega
Visitor
Posts: 63
Joined: 28 Oct 2012 09:07

Re: Log check

#11 Post by lavega »

So far the PC is running fine; I'll see in the afternoon whether it slows down.
Thank you

JaRon
Moderator
Posts: 15198
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Log check

#12 Post by JaRon »

Looks clean from my side
You're welcome :)