PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Problem with browsers, safefinder.com

#1 Post by suprrotka »

Good evening, while I was downloading an add-on, safefinder.com accidentally got into all of my browsers. Whenever I enter a page, it always redirects me to

Code:

http://search.safefinder.com/?st=dd&q=
Please help me, how do I remove it? Here is the log :)

Thank you

Code:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kado at 2015-08-24 22:20:01
Microsoft Windows 8.1 
System drive C: has 297 GB (82%) free of 364 GB
Total RAM: 8090 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:20:05, on 24.08.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Program Files\trend micro\Kado.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3daefMIBbhJBoosZhQNIHj2uxz0f7wG74yT3vkxXxXLUx46Rx5xEwWwUm6Q504OCnXMHYY5vgMRqSW0pi-VmbIqVNK2q3Hyh4tmGtSN750ztmN1sY6lFU66Bg-IncM7hlcvAvGYuJiYyMQAmc-tIr91JeBkV&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3daefMIBbhJBoosZhQNIHj2uxz0f7wG74yT3vkxXxXLUx46Rx5xEwWwUm6Q504OCnXMHYY5vgMRqSW0pi-VmbIqVNK2q3Hyh4tmGtSN750ztmN1sY6lFU66Bg-IncM7hlcvAvGYuJiYyMQAmc-tIr91JeBkV&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3daefMIBbhJBoosZhQNIHj2uxz0f7wG74yT3vkxXxXLUx46Rx5xEwWwUm6Q504OCnXMHYY5vgMRqSW0pi-VmbIqVNK2q3Hyh4tmGtSN750ztmN1sY6lFU66Bg-IncM7hlcvAvGYuJiYyMQAmc-tIr91JeBkV&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3daefMIBbhJBoosZhQNIHj2uxz0f7wG74yT3vkxXxXLUx46Rx5xEwWwUm6Q504OCnXMHYY5vgMRqSWF08BhB_6usxF5po_3nw6VfeCz--n3EZoV8SaVjAZOWyyX2NLYfO2yCzC1fKaqQMX0tv8W0DOwhF0Ip
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3daefMIBbhJBoosZhQNIHj2uxz0f7wG74yT3vkxXxXLUx46Rx5xEwWwUm6Q504OCnXMHYY5vgMRqSW0pi-VmbIqVNK2q3Hyh4tmGtSN750ztmN1sY6lFU66Bg-IncM7hlcvAvGYuJiYyMQAmc-tIr91JeBkV&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [Fastboot] "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Pokki] C:\WINDOWS\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Poeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový poekladae... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O20 - AppInit_DLLs: C:\ProgramData\ExtTag\TreeDinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ExtTag - Unknown owner - C:\ProgramData\ExtTag\ExtTag.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @oem23.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo QuickSnip Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NixSrv Service (NixSrv) - Unknown owner - C:\Program Files\NixSrv\NixSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: ValBioService - Validity Sensors, Inc. - C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15387 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\ibmpmsvc.exe
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8288c3f7-ddb9-472b-962a-0c50d4557091 -SystemEventPortName:HostProcess-a6439f54-60df-4ded-bada-e5e5fa24afe7 -IoCancelEventPortName:HostProcess-da664899-1128-4490-b162-26bf21aaae15 -NonStateChangingEventPortName:HostProcess-f8e38be0-2279-4a3b-ba5a-8253e34441c9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b0eab5e7-5058-45df-bdda-e5a9ba528645 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a400d81f-8aff-4a7d-b878-9fd6f71c5e31 -SystemEventPortName:HostProcess-05e435ba-52a1-40db-aff1-121d654a9baf -IoCancelEventPortName:HostProcess-069a4424-2dd4-4ce3-b17b-97c218282a7f -NonStateChangingEventPortName:HostProcess-dcb861d3-8710-46bf-83a9-3353bef7b72e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f28570e6-ae13-4b70-92d1-8f16e2633663 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2a0574b0-6e36-49e5-9e62-0acaed941c55 -SystemEventPortName:HostProcess-f0f0fb36-86dd-4077-aee5-bb4b7f62e132 -IoCancelEventPortName:HostProcess-f30288e8-c834-4da4-ab97-50424439face -NonStateChangingEventPortName:HostProcess-1392a7e7-2634-4618-b4c0-aba40efeaaa0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:059fe1d4-5e4e-486e-90ef-97b39a6ced34 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4eca2bb1-dc6c-464d-a6c5-061c89b76913 -SystemEventPortName:HostProcess-30625885-0719-4042-813b-84e5c6956bc6 -IoCancelEventPortName:HostProcess-5c5612de-cdb9-4950-bc18-b73624b7c11d -NonStateChangingEventPortName:HostProcess-f3fc645e-b897-4d2b-aea9-c87105f8dfde -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:64994e72-1085-4889-a15e-5f9297506f1b -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\WLANExt.exe 62613321792
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe"
"C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files\NixSrv\NixSrv.exe" /s iid=2862431 did=Missing sid= ref= id=e50ea9b94aecef0e4f1daa1dcf9b6deaad37b85a911ef9ef2c6d1a7145e6d48f
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe"
C:\WINDOWS\system32\valWBFPolicyService.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" 
taskhostex.exe 
"C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe" ytidilav
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe"
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" 
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" 
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\WINDOWS\system32\GWX\GWX.exe" 
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" 
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe" -default
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\ProgramData\ExtTag\ExtTag.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe" 
"C:\Windows\System32\igfxpers.exe" 
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
C:\ProgramData\ExtTag\Mat-Cof.exe regname Stpro.exe
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe"
"C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe"
"C:\Program Files\lenovo\QuickSnipService\QuickSnipInput.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe" 
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0xc20_0x1234_0x5d22fe4a"

C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://www.google.com/support/chrome/bin/request.py?hl=en&contact_type=uninstall&crversion=44.0.2403.157&os=6.3.9600
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="4564.0.987419572\1867907467" "C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4564 "\\.\pipe\gecko-crash-server-pipe.4564" plugin
"C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe" --proxy-stub-channel=Flash6392.653B34F0.6317 --host-broker-channel=Flash6392.653B34F0.25609 --host-pid=6392 --host-npapi-version=28 --plugin-path="C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_18_0_0_232.dll"
"C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe" --channel=3456.00A2F1B8.1992879905 --proxy-stub-channel=Flash6392.653B34F0.6317 --plugin-path="C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_18_0_0_232.dll" --host-npapi-version=28 --type=renderer
"C:\Users\Kado\Downloads\RSITx64.exe" 
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576 

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cf6a3280b98597.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d00195b41496f4.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\WINDOWS\tasks\lS3beVymTvBvOJoQv2Cx4Um.job - C:\Users\Kado\AppData\Roaming\lS3beVymTvBvOJoQv2Cx4Um.exe  --c=Z+iDsO+vO7TxPlV/avoB2rxSwkQPB4la72tiMT8fVAzFguN7+wGjAzOQFMI0lkMvVDSH68ZGFvdWlRRSldBvESVRE0Qy7M5bwdgxIVajxWRvYv/+GHiMixgQUsrX17ytjMQbEbhN3EQiCq/UIXZAmT90H22PkjnsIQF7AVdlChQK9JZHGyXcAdVL7WKyndJAWHdvLLwcF/qolWlelAG+oHfd8s+SjdPZPp0rCb6/NGNmlzyVjP1ntYEHpWHmXaYseswWqFzAZXvf6n2jRaEn/tuWa1TeVa2B0UgN4YRXg6e4N0jL5cZvFf/tVutz5Ls8lrfp2ncmL+tpa/C4tBlC5Q== 
C:\WINDOWS\tasks\oofi1peYnlndTgF4xiisCf.job - C:\Users\Kado\AppData\Roaming\oofi1peYnlndTgF4xiisCf.exe  --c=YOb7BZeS9Q1geI5/NQ7IPFKh7XLRVrlrLGo2QesHYrmsfhHHuxYMfdmTqaBBYGe1yIEwM1RptoX7gLzhmm++BcAir19lAaCHDL2a5hOm4G/2aWKMgueiFKCPKIFgBjTvEYBOMtEOfuEnK3eJHFnyuLcRCv8DCZq92R7ZfwU1/0ojkJzvemT6ticBwKJDvpA60THZvd3q/yYcCq0m2hIT2sig2aSukGzoKsBWIHmwaNdkCJC7CWBcVJ2oSw/rZVw/SShRwdja+1jK5dYl++VJm4OwvAvUiFoXl8MAv5m7l+CF/B0g6LVjiZbxs5G9i/FSub18QzutmylIc4mFpPD3SA== 
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe  

=========Mozilla firefox=========

ProfilePath - C:\Users\Kado\AppData\Roaming\Mozilla\Firefox\Profiles\fm7p05yt.default-1440446369343

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=C:\Program Files\mcafee\msc\npMcSnFFPl64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-20 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-29 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-20 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-29 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-20 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2DFF3579-5AA7-45B9-9328-1D38EA230861} - PDF Architect 3 Toolbar - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24 496344]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-20 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-12-21 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-12-21 771544]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-12-21 770520]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2013-05-07 253952]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [2014-03-04 74288]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-06-04 2985712]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=C:\Users\Kado\AppData\Local\Pokki\Engine\Launcher.dll [2013-12-05 1271064]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2013-05-14 552960]
"Fastboot"=C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [2013-10-26 738032]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\ProgramData\ExtTag\0zw3omgn.2of.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-12-21 624640]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-24 22:20:01 ----D---- C:\rsit
2015-08-24 22:20:01 ----D---- C:\Program Files\trend micro
2015-08-24 22:08:36 ----HD---- C:\$Windows.~BT
2015-08-24 21:51:45 ----D---- C:\ProgramData\ExtTags
2015-08-24 21:51:34 ----D---- C:\ProgramData\ExtTag
2015-08-23 18:51:29 ----A---- C:\WINDOWS\Reimage.ini
2015-08-23 18:51:22 ----D---- C:\Program Files\NixSrv
2015-08-23 18:44:43 ----D---- C:\Program Files (x86)\globalUpdate
2015-08-23 18:42:54 ----D---- C:\ProgramData\update
2015-08-23 18:41:35 ----D---- C:\Users\Kado\AppData\Roaming\Opera Software
2015-08-23 18:41:08 ----D---- C:\Program Files (x86)\Opera
2015-08-23 10:08:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-19 19:27:27 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-08-19 19:27:26 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-08-16 13:40:57 ----D---- C:\pc-form
2015-08-16 13:40:26 ----A---- C:\WINDOWS\IsUn041b.exe
2015-08-13 11:47:15 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 11:47:15 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-08-13 10:53:12 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-08-13 10:52:09 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-08-13 10:52:09 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-08-13 10:52:08 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-08-13 10:52:08 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-08-13 10:52:08 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-08-13 10:51:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-08-13 10:51:49 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-08-13 10:51:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-08-13 10:51:48 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-08-13 10:51:48 ----A---- C:\WINDOWS\system32\ieui.dll
2015-08-13 10:51:47 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-08-13 10:51:47 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-08-13 10:51:47 ----A---- C:\WINDOWS\system32\wininet.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\system32\jscript.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-08-13 10:44:01 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-13 10:43:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-08-13 10:43:43 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2015-08-13 10:43:43 ----A---- C:\WINDOWS\system32\WebClnt.dll
2015-08-13 10:43:42 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2015-08-13 10:43:42 ----A---- C:\WINDOWS\system32\davclnt.dll
2015-08-13 10:43:42 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\invagent.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\devinv.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-08-13 10:43:39 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-08-13 10:43:38 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-08-13 10:43:38 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-08-13 10:43:15 ----A---- C:\WINDOWS\system32\csrsrv.dll
2015-08-13 10:43:15 ----A---- C:\WINDOWS\system32\basesrv.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\system32\netcfgx.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-08-13 10:43:13 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2015-08-13 10:43:13 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2015-08-13 10:43:13 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2015-08-13 10:43:13 ----A---- C:\WINDOWS\system32\mstscax.dll
2015-08-13 10:43:13 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-13 10:43:12 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-08-13 10:43:12 ----A---- C:\WINDOWS\system32\notepad.exe
2015-08-13 10:43:12 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-08-13 10:43:12 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-08-13 10:43:12 ----A---- C:\WINDOWS\notepad.exe
2015-08-13 10:43:11 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-08-13 10:43:11 ----A---- C:\WINDOWS\system32\win32k.sys
2015-08-13 10:43:11 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-08-13 10:43:11 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-08-13 10:43:11 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-08-13 10:43:10 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-08-13 10:43:10 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-08-13 10:43:10 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-07-29 15:43:28 ----D---- C:\ProgramData\Norton
2015-07-29 15:43:26 ----D---- C:\ProgramData\NortonInstaller
2015-07-29 15:43:22 ----D---- C:\Users\Kado\AppData\Roaming\ImperiaOnline
2015-07-29 15:03:08 ----D---- C:\Users\Kado\AppData\Roaming\Google2SRT
2015-07-29 15:01:08 ----D---- C:\ProgramData\Sun
2015-07-29 15:01:07 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2015-07-29 15:00:23 ----D---- C:\ProgramData\Oracle
2015-07-29 15:00:21 ----D---- C:\Program Files (x86)\Java

======List of files/folders modified in the last 1 month======

2015-08-24 22:20:01 ----RD---- C:\Program Files
2015-08-24 22:17:09 ----D---- C:\WINDOWS\Prefetch
2015-08-24 22:14:20 ----D---- C:\WINDOWS\Temp
2015-08-24 22:10:48 ----D---- C:\Program Files (x86)\Google
2015-08-24 22:08:39 ----DC---- C:\WINDOWS\Panther
2015-08-24 22:00:02 ----D---- C:\WINDOWS\system32\sru
2015-08-24 21:55:03 ----RD---- C:\WINDOWS\System32
2015-08-24 21:55:03 ----D---- C:\WINDOWS\Inf
2015-08-24 21:55:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-24 21:52:03 ----D---- C:\WINDOWS\system32\Tasks
2015-08-24 21:51:46 ----D---- C:\WINDOWS\SysWOW64
2015-08-24 21:51:45 ----HD---- C:\ProgramData
2015-08-24 21:50:17 ----D---- C:\ProgramData\Validity
2015-08-24 21:50:06 ----D---- C:\WINDOWS\system32\drivers
2015-08-24 21:50:06 ----D---- C:\WINDOWS\security
2015-08-24 21:28:54 ----D---- C:\WINDOWS\Tasks
2015-08-24 18:47:35 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-08-24 17:59:58 ----D---- C:\WINDOWS\Microsoft.NET
2015-08-24 17:07:08 ----D---- C:\Users\Kado\AppData\Roaming\AVI ReComp
2015-08-24 15:17:50 ----D---- C:\Users\Kado\AppData\Roaming\vlc
2015-08-24 15:01:33 ----SHD---- C:\WINDOWS\Installer
2015-08-24 15:01:33 ----SHD---- C:\Config.Msi
2015-08-24 15:01:32 ----RD---- C:\Program Files (x86)
2015-08-24 15:01:17 ----SHD---- C:\System Volume Information
2015-08-24 08:14:49 ----D---- C:\ProgramData\Realtek
2015-08-23 20:32:12 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-23 19:45:51 ----D---- C:\WINDOWS\CbsTemp
2015-08-23 18:51:29 ----D---- C:\Windows
2015-08-23 18:50:22 ----D---- C:\Program Files (x86)\Adobe
2015-08-23 09:19:02 ----A---- C:\IFRToolLog.txt
2015-08-19 19:31:51 ----D---- C:\WINDOWS\system32\config
2015-08-19 19:27:52 ----D---- C:\WINDOWS\WinSxS
2015-08-19 12:33:39 ----D---- C:\Program Files\Lenovo
2015-08-19 12:33:33 ----D---- C:\WINDOWS\PolicyDefinitions
2015-08-19 12:07:32 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-18 16:21:29 ----HD---- C:\Program Files\WindowsApps
2015-08-18 16:21:29 ----D---- C:\WINDOWS\AppReadiness
2015-08-18 13:05:52 ----SD---- C:\Users\Kado\AppData\Roaming\Microsoft
2015-08-17 13:47:31 ----D---- C:\WINDOWS\rescache
2015-08-16 14:45:10 ----D---- C:\WINDOWS\system32\DriverStore
2015-08-16 13:51:34 ----A---- C:\WINDOWS\win.ini
2015-08-16 13:40:57 ----D---- C:\Program Files (x86)\Common Files
2015-08-15 18:08:11 ----RSD---- C:\WINDOWS\assembly
2015-08-14 22:12:01 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-14 22:12:01 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 19:45:46 ----D---- C:\Program Files\Windows Defender
2015-08-13 19:45:45 ----SD---- C:\WINDOWS\system32\CompatTel
2015-08-13 19:45:45 ----D---- C:\WINDOWS\system32\appraiser
2015-08-13 19:45:45 ----D---- C:\WINDOWS\apppatch
2015-08-13 19:45:45 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-13 19:45:44 ----D---- C:\Program Files\Internet Explorer
2015-08-13 19:45:44 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-13 19:45:43 ----D---- C:\WINDOWS\system32\drivers\en-US
2015-08-13 11:47:54 ----D---- C:\ProgramData\Microsoft Help
2015-08-13 11:45:41 ----D---- C:\WINDOWS\system32\MRT
2015-08-13 11:42:16 ----A---- C:\WINDOWS\system32\MRT.exe
2015-08-13 10:35:34 ----D---- C:\WINDOWS\system32\catroot2
2015-08-10 20:31:29 ----D---- C:\WINDOWS\Minidump
2015-08-08 17:00:18 ----D---- C:\WINDOWS\Logs
2015-08-08 15:55:08 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-07-25 08:53:20 ----SD---- C:\WINDOWS\system32\GWX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R0 Fastboot;Fastboot; C:\WINDOWS\System32\DRIVERS\fastboot.sys [2013-10-26 66288]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-07-24 666984]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2013-05-23 101976]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-12-27 32544]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344]
R1 EpfwLWF;@oem36.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 SMIDriver;SMIDriver; C:\WINDOWS\system32\drivers\smi.sys [2015-03-03 19656]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwr64v.sys [2014-03-07 20736]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2011-02-11 35344]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2013-04-18 44800]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-12-21 4216320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-08-01 3565528]
R3 iwdbus;@oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-15 27032]
R3 MEIx64;@oem14.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-07-03 64624]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-12-27 11311392]
R3 RtkBtFilter;@oem7.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2013-07-05 547032]
R3 RTL8168;@oem6.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-04-10 801864]
R3 RTWlanE;@oem11.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2013-07-24 2969304]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-06-04 33008]
R3 SynTP;@oem20.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-06-04 532720]
R3 tap0901;@oem46.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2014-11-05 27136]
R3 VClone;VClone; C:\WINDOWS\System32\drivers\VClone.sys [2013-07-24 34816]
R3 vm331avs;@oem4.inf,%USBCamera.DeviceDesc2%;Digital Camera 1; C:\WINDOWS\System32\Drivers\vm331avs.sys [2013-04-30 1049984]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys []
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dg_ssudbus;@oem41.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2012-05-28 197264]
S3 intaud_WaveExtensible;@oem31.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-15 39320]
S3 IntcDAud;@oem28.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-05-22 452088]
S3 mfencbdc;McAfee Inc. mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [2012-11-02 328976]
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2012-11-02 97208]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 RSUSBSTOR;@oem21.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-06-15 262872]
S3 ssudmdm;@oem43.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;@oem44.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2013-06-15 45056]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 ExtTag;ExtTag; C:\ProgramData\ExtTag\ExtTag.exe [2015-08-23 34816]
R2 FastbootService;FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2013-10-26 140016]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2014-12-03 9216]
R2 IBMPMSVC;@oem23.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2013-04-18 61224]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-07-03 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-07-03 169432]
R2 Lenovo QuickSnip Service;Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [2013-06-06 219976]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-03-10 2085184]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [2013-06-06 562504]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-11 136288]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-07-03 366552]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2013-12-11 468288]
R2 NixSrv;NixSrv Service; C:\Program Files\NixSrv\NixSrv.exe [2015-08-23 379392]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-10-29 920864]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 QuickControlMasterSvc;Lenovo QuickControl Master Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [2013-07-17 59384]
R2 ValBioService;ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [2013-05-23 24112]
R2 valWBFPolicyService;Validity WBF Policy Service; C:\WINDOWS\system32\valWBFPolicyService.exe [2015-03-03 49968]
R3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2014-03-07 1669976]
R3 QuickControlService;Lenovo QuickControl Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [2013-07-17 138232]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-12-27 1364256]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13 269000]
S3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-03-04 573488]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-12-21 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-04-05 194032]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2014-03-04 512048]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2014-03-04 527920]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-03-04 702512]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-13 149160]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2015-07-01 22008]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 113400
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Browser problem, safefinder.com

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

suprrotka
Model visitor
Posts: 72
Registered: 30 Jan 2010 14:49

Re: Browser problem, safefinder.com

#3 Post by suprrotka »

Here you go, the resulting log.

Code:

# AdwCleaner v5.003 - Logfile created 24/08/2015 at 22:41:59
# Updated 20/08/2015 by Xplode
# Database : 2015-08-23.3 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Kado - LENOVO-PC
# Running from : C:\Users\Kado\Desktop\adwcleaner_5.003.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[-] Key Deleted : [x64] HKLM\SOFTWARE\downchecker
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

***** [ Web browsers ] *****


*************************

:: Proxy settings cleared
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [771 bytes] ##########

Rudy
Site Admin
Posts: 113400
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Browser problem, safefinder.com

#4 Post by Rudy »

Post a new RSIT log.

suprrotka
Model visitor
Posts: 72
Registered: 30 Jan 2010 14:49

Re: Browser problem, safefinder.com

#5 Post by suprrotka »

Here you go, but the problem still persists :(

Code:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kado at 2015-08-25 11:33:55
Microsoft Windows 8.1 
System drive C: has 300 GB (82%) free of 364 GB
Total RAM: 8090 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:33:56, on 25.08.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Program Files\trend micro\Kado.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [Fastboot] "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Poeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový poekladae... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @oem23.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo QuickSnip Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NixSrv Service (NixSrv) - Unknown owner - C:\Program Files\NixSrv\NixSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: ValBioService - Validity Sensors, Inc. - C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13897 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\ibmpmsvc.exe
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d6691918-aea5-40c7-8183-56f313a02598 -SystemEventPortName:HostProcess-7ef6c344-de70-4600-8dca-0ca0263e47d9 -IoCancelEventPortName:HostProcess-db15d503-2ee2-4b6b-b084-1a8eeffefa26 -NonStateChangingEventPortName:HostProcess-0ed572ab-a6da-46d5-a098-139623efb218 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f3e540ad-d324-4b40-a837-30d4e64dfb33 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2c24b0fd-a5a2-4fee-80af-efb0178dfe1a -SystemEventPortName:HostProcess-299e54e4-5a2f-4529-a300-f923664d0d3f -IoCancelEventPortName:HostProcess-73c67816-fd7e-4eea-9c4c-8321be241305 -NonStateChangingEventPortName:HostProcess-fd20c4f9-e8d3-4f3d-af8a-7837d3f11bdf -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:15040849-d9b2-491d-9b84-9b8f13faedc4 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-68855015-c08f-4139-b800-8cc0201f5c1c -SystemEventPortName:HostProcess-b0bd0c75-0c7c-45e7-ad11-e178e3e28a4f -IoCancelEventPortName:HostProcess-4bbc90f3-7da0-42e6-a5fc-ac7abd85012c -NonStateChangingEventPortName:HostProcess-82a3eaa4-47f6-4707-a178-7fd68e37d7ee -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:138998fd-72f0-4b8a-9767-318058f2fdcf -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3498e9f6-6130-4086-8bd0-946854ab0953 -SystemEventPortName:HostProcess-d892d3cb-ad67-47ae-9c8f-ce004f96e9b4 -IoCancelEventPortName:HostProcess-4a825b8e-09bb-4c06-8deb-4e6ac9ae6050 -NonStateChangingEventPortName:HostProcess-a8db5d51-3035-4ef4-bb9f-464429c7ac9c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7ea0dc8d-d3bc-4d10-850c-aeaf2722b0ac -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\WLANExt.exe 352716116240
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe"
"C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files\NixSrv\NixSrv.exe" /s iid=2862431 did=Missing sid= ref= id=e50ea9b94aecef0e4f1daa1dcf9b6deaad37b85a911ef9ef2c6d1a7145e6d48f
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe"
C:\WINDOWS\system32\valWBFPolicyService.exe
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe"
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe" -default
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\ProgramData\ExtTag\ExtTag.exe
C:\ProgramData\ExtTag\Zaamsunis.exe regname Stpro.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\Explorer.EXE
"C:\Program Files\lenovo\QuickSnipService\QuickSnipInput.exe"
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
taskhostex.exe 
"C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe" ytidilav
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" 
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" 
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
C:\Windows\System32\skydrive.exe -Embedding
C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe" 
"C:\Windows\System32\igfxpers.exe" 
"C:\WINDOWS\system32\GWX\GWX.exe" 
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
"C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" 
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" 
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe" 
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x7d0_0xaf4_0xa48de722"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" %SNF%
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="392.1.2143331116\1714540936" "C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 392 "\\.\pipe\gecko-crash-server-pipe.392" plugin
"C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe" --proxy-stub-channel=Flash3844.65A234F0.27718 --host-broker-channel=Flash3844.65A234F0.14522 --host-pid=3844 --host-npapi-version=28 --plugin-path="C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_18_0_0_232.dll"
"C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe" --channel=3880.00E5F44C.417096792 --proxy-stub-channel=Flash3844.65A234F0.27718 --plugin-path="C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_18_0_0_232.dll" --host-npapi-version=28 --type=renderer

"C:\Users\Kado\Desktop\RSITx64.exe" 
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580 

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cf6a3280b98597.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d00195b41496f4.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\WINDOWS\tasks\lS3beVymTvBvOJoQv2Cx4Um.job - C:\Users\Kado\AppData\Roaming\lS3beVymTvBvOJoQv2Cx4Um.exe  --c=Z+iDsO+vO7TxPlV/avoB2rxSwkQPB4la72tiMT8fVAzFguN7+wGjAzOQFMI0lkMvVDSH68ZGFvdWlRRSldBvESVRE0Qy7M5bwdgxIVajxWRvYv/+GHiMixgQUsrX17ytjMQbEbhN3EQiCq/UIXZAmT90H22PkjnsIQF7AVdlChQK9JZHGyXcAdVL7WKyndJAWHdvLLwcF/qolWlelAG+oHfd8s+SjdPZPp0rCb6/NGNmlzyVjP1ntYEHpWHmXaYseswWqFzAZXvf6n2jRaEn/tuWa1TeVa2B0UgN4YRXg6e4N0jL5cZvFf/tVutz5Ls8lrfp2ncmL+tpa/C4tBlC5Q== 
C:\WINDOWS\tasks\oofi1peYnlndTgF4xiisCf.job - C:\Users\Kado\AppData\Roaming\oofi1peYnlndTgF4xiisCf.exe  --c=YOb7BZeS9Q1geI5/NQ7IPFKh7XLRVrlrLGo2QesHYrmsfhHHuxYMfdmTqaBBYGe1yIEwM1RptoX7gLzhmm++BcAir19lAaCHDL2a5hOm4G/2aWKMgueiFKCPKIFgBjTvEYBOMtEOfuEnK3eJHFnyuLcRCv8DCZq92R7ZfwU1/0ojkJzvemT6ticBwKJDvpA60THZvd3q/yYcCq0m2hIT2sig2aSukGzoKsBWIHmwaNdkCJC7CWBcVJ2oSw/rZVw/SShRwdja+1jK5dYl++VJm4OwvAvUiFoXl8MAv5m7l+CF/B0g6LVjiZbxs5G9i/FSub18QzutmylIc4mFpPD3SA== 
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe  

=========Mozilla firefox=========

ProfilePath - C:\Users\Kado\AppData\Roaming\Mozilla\Firefox\Profiles\fm7p05yt.default-1440446369343

prefs.js - "browser.startup.homepage" -  "www.google.sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=C:\Program Files\mcafee\msc\npMcSnFFPl64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-20 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-29 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-20 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-29 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-20 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2DFF3579-5AA7-45B9-9328-1D38EA230861} - PDF Architect 3 Toolbar - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24 496344]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-20 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-12-21 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-12-21 771544]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-12-21 770520]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2013-05-07 253952]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [2014-03-04 74288]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-06-04 2985712]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2013-05-14 552960]
"Fastboot"=C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [2013-10-26 738032]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-12-21 624640]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-25 09:03:41 ----D---- C:\ProgramData\ExtTags
2015-08-25 08:53:42 ----D---- C:\ProgramData\ExtTag
2015-08-24 22:34:41 ----D---- C:\AdwCleaner
2015-08-24 22:20:01 ----D---- C:\rsit
2015-08-24 22:20:01 ----D---- C:\Program Files\trend micro
2015-08-23 18:51:22 ----D---- C:\Program Files\NixSrv
2015-08-23 18:42:54 ----D---- C:\ProgramData\update
2015-08-23 18:41:35 ----D---- C:\Users\Kado\AppData\Roaming\Opera Software
2015-08-23 18:41:08 ----D---- C:\Program Files (x86)\Opera
2015-08-23 10:08:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-19 19:27:27 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-08-19 19:27:26 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-08-16 13:40:57 ----D---- C:\pc-form
2015-08-16 13:40:26 ----A---- C:\WINDOWS\IsUn041b.exe
2015-08-13 11:47:15 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 11:47:15 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-08-13 10:53:12 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-08-13 10:52:09 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-08-13 10:52:09 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-08-13 10:52:08 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-08-13 10:52:08 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-08-13 10:52:08 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-08-13 10:51:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-08-13 10:51:49 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-08-13 10:51:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-08-13 10:51:48 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-08-13 10:51:48 ----A---- C:\WINDOWS\system32\ieui.dll
2015-08-13 10:51:47 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-08-13 10:51:47 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-08-13 10:51:47 ----A---- C:\WINDOWS\system32\wininet.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\system32\jscript.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-08-13 10:44:01 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-13 10:43:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-08-13 10:43:43 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2015-08-13 10:43:43 ----A---- C:\WINDOWS\system32\WebClnt.dll
2015-08-13 10:43:42 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2015-08-13 10:43:42 ----A---- C:\WINDOWS\system32\davclnt.dll
2015-08-13 10:43:42 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\invagent.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\devinv.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-08-13 10:43:39 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-08-13 10:43:38 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-08-13 10:43:38 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-08-13 10:43:15 ----A---- C:\WINDOWS\system32\csrsrv.dll
2015-08-13 10:43:15 ----A---- C:\WINDOWS\system32\basesrv.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\system32\netcfgx.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-08-13 10:43:13 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2015-08-13 10:43:13 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2015-08-13 10:43:13 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2015-08-13 10:43:13 ----A---- C:\WINDOWS\system32\mstscax.dll
2015-08-13 10:43:13 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-13 10:43:12 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-08-13 10:43:12 ----A---- C:\WINDOWS\system32\notepad.exe
2015-08-13 10:43:12 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-08-13 10:43:12 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-08-13 10:43:12 ----A---- C:\WINDOWS\notepad.exe
2015-08-13 10:43:11 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-08-13 10:43:11 ----A---- C:\WINDOWS\system32\win32k.sys
2015-08-13 10:43:11 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-08-13 10:43:11 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-08-13 10:43:11 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-08-13 10:43:10 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-08-13 10:43:10 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-08-13 10:43:10 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-07-29 15:43:28 ----D---- C:\ProgramData\Norton
2015-07-29 15:43:26 ----D---- C:\ProgramData\NortonInstaller
2015-07-29 15:43:22 ----D---- C:\Users\Kado\AppData\Roaming\ImperiaOnline
2015-07-29 15:03:08 ----D---- C:\Users\Kado\AppData\Roaming\Google2SRT
2015-07-29 15:01:08 ----D---- C:\ProgramData\Sun
2015-07-29 15:01:07 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2015-07-29 15:00:23 ----D---- C:\ProgramData\Oracle
2015-07-29 15:00:21 ----D---- C:\Program Files (x86)\Java

======List of files/folders modified in the last 1 month======

2015-08-25 11:17:35 ----D---- C:\WINDOWS\Prefetch
2015-08-25 11:06:04 ----D---- C:\WINDOWS\Temp
2015-08-25 11:00:00 ----D---- C:\WINDOWS\system32\sru
2015-08-25 09:29:25 ----D---- C:\WINDOWS\Microsoft.NET
2015-08-25 09:03:41 ----HD---- C:\ProgramData
2015-08-25 09:01:22 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-08-25 09:01:21 ----D---- C:\WINDOWS\SysWOW64
2015-08-25 08:58:21 ----D---- C:\WINDOWS\system32\Tasks
2015-08-25 08:52:45 ----D---- C:\ProgramData\Validity
2015-08-25 08:52:41 ----D---- C:\WINDOWS\system32\drivers
2015-08-25 08:52:41 ----D---- C:\WINDOWS\apppatch
2015-08-24 22:35:58 ----D---- C:\Windows
2015-08-24 22:35:33 ----RD---- C:\Program Files (x86)
2015-08-24 22:35:20 ----DC---- C:\WINDOWS\Panther
2015-08-24 22:31:49 ----HD---- C:\$Windows.~BT
2015-08-24 22:20:01 ----RD---- C:\Program Files
2015-08-24 22:10:48 ----D---- C:\Program Files (x86)\Google
2015-08-24 21:55:03 ----RD---- C:\WINDOWS\System32
2015-08-24 21:55:03 ----D---- C:\WINDOWS\Inf
2015-08-24 21:55:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-24 21:50:06 ----D---- C:\WINDOWS\security
2015-08-24 21:28:54 ----D---- C:\WINDOWS\Tasks
2015-08-24 17:07:08 ----D---- C:\Users\Kado\AppData\Roaming\AVI ReComp
2015-08-24 15:17:50 ----D---- C:\Users\Kado\AppData\Roaming\vlc
2015-08-24 15:01:33 ----SHD---- C:\WINDOWS\Installer
2015-08-24 15:01:33 ----SHD---- C:\Config.Msi
2015-08-24 15:01:17 ----SHD---- C:\System Volume Information
2015-08-24 08:14:49 ----D---- C:\ProgramData\Realtek
2015-08-23 20:32:12 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-23 19:45:51 ----D---- C:\WINDOWS\CbsTemp
2015-08-23 18:50:22 ----D---- C:\Program Files (x86)\Adobe
2015-08-23 09:19:02 ----A---- C:\IFRToolLog.txt
2015-08-19 19:31:51 ----D---- C:\WINDOWS\system32\config
2015-08-19 19:27:52 ----D---- C:\WINDOWS\WinSxS
2015-08-19 12:33:39 ----D---- C:\Program Files\Lenovo
2015-08-19 12:33:33 ----D---- C:\WINDOWS\PolicyDefinitions
2015-08-19 12:07:32 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-18 16:21:29 ----HD---- C:\Program Files\WindowsApps
2015-08-18 16:21:29 ----D---- C:\WINDOWS\AppReadiness
2015-08-18 13:05:52 ----SD---- C:\Users\Kado\AppData\Roaming\Microsoft
2015-08-17 13:47:31 ----D---- C:\WINDOWS\rescache
2015-08-16 14:45:10 ----D---- C:\WINDOWS\system32\DriverStore
2015-08-16 13:51:34 ----A---- C:\WINDOWS\win.ini
2015-08-16 13:40:57 ----D---- C:\Program Files (x86)\Common Files
2015-08-15 18:08:11 ----RSD---- C:\WINDOWS\assembly
2015-08-14 22:12:01 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-14 22:12:01 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 19:45:46 ----D---- C:\Program Files\Windows Defender
2015-08-13 19:45:45 ----SD---- C:\WINDOWS\system32\CompatTel
2015-08-13 19:45:45 ----D---- C:\WINDOWS\system32\appraiser
2015-08-13 19:45:45 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-13 19:45:44 ----D---- C:\Program Files\Internet Explorer
2015-08-13 19:45:44 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-13 19:45:43 ----D---- C:\WINDOWS\system32\drivers\en-US
2015-08-13 11:47:54 ----D---- C:\ProgramData\Microsoft Help
2015-08-13 11:45:41 ----D---- C:\WINDOWS\system32\MRT
2015-08-13 11:42:16 ----A---- C:\WINDOWS\system32\MRT.exe
2015-08-13 10:35:34 ----D---- C:\WINDOWS\system32\catroot2
2015-08-10 20:31:29 ----D---- C:\WINDOWS\Minidump
2015-08-08 17:00:18 ----D---- C:\WINDOWS\Logs
2015-08-08 15:55:08 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R0 Fastboot;Fastboot; C:\WINDOWS\System32\DRIVERS\fastboot.sys [2013-10-26 66288]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-07-24 666984]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2013-05-23 101976]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-12-27 32544]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344]
R1 EpfwLWF;@oem36.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 SMIDriver;SMIDriver; C:\WINDOWS\system32\drivers\smi.sys [2015-03-03 19656]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwr64v.sys [2014-03-07 20736]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2011-02-11 35344]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2013-04-18 44800]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-12-21 4216320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-08-01 3565528]
R3 iwdbus;@oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-15 27032]
R3 MEIx64;@oem14.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-07-03 64624]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-12-27 11311392]
R3 RtkBtFilter;@oem7.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2013-07-05 547032]
R3 RTL8168;@oem6.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-04-10 801864]
R3 RTWlanE;@oem11.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2013-07-24 2969304]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-06-04 33008]
R3 SynTP;@oem20.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-06-04 532720]
R3 tap0901;@oem46.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2014-11-05 27136]
R3 VClone;VClone; C:\WINDOWS\System32\drivers\VClone.sys [2013-07-24 34816]
R3 vm331avs;@oem4.inf,%USBCamera.DeviceDesc2%;Digital Camera 1; C:\WINDOWS\System32\Drivers\vm331avs.sys [2013-04-30 1049984]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys []
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dg_ssudbus;@oem41.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2012-05-28 197264]
S3 intaud_WaveExtensible;@oem31.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-15 39320]
S3 IntcDAud;@oem28.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-05-22 452088]
S3 mfencbdc;McAfee Inc. mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [2012-11-02 328976]
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2012-11-02 97208]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 RSUSBSTOR;@oem21.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-06-15 262872]
S3 ssudmdm;@oem43.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;@oem44.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2013-06-15 45056]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 FastbootService;FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2013-10-26 140016]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2014-12-03 9216]
R2 IBMPMSVC;@oem23.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2013-04-18 61224]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-07-03 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-07-03 169432]
R2 Lenovo QuickSnip Service;Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [2013-06-06 219976]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-03-10 2085184]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [2013-06-06 562504]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-11 136288]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-07-03 366552]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2013-12-11 468288]
R2 NixSrv;NixSrv Service; C:\Program Files\NixSrv\NixSrv.exe [2015-08-23 379392]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-10-29 920864]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 QuickControlMasterSvc;Lenovo QuickControl Master Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [2013-07-17 59384]
R2 ValBioService;ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [2013-05-23 24112]
R2 valWBFPolicyService;Validity WBF Policy Service; C:\WINDOWS\system32\valWBFPolicyService.exe [2015-03-03 49968]
R3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2014-03-07 1669976]
R3 QuickControlService;Lenovo QuickControl Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [2013-07-17 138232]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-12-27 1364256]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13 269000]
S3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-03-04 573488]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-12-21 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-04-05 194032]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2014-03-04 512048]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2014-03-04 527920]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-03-04 702512]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-13 149160]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2015-07-01 22008]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 113400
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Browser problem, safefinder.com

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Skype\Toolbars
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cf6a3280b98597.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d00195b41496f4.job
C:\WINDOWS\tasks\lS3beVymTvBvOJoQv2Cx4Um.job
C:\WINDOWS\tasks\oofi1peYnlndTgF4xiisCf.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-


:services
c2cautoupdatesvc
c2cpnrsvc

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
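A follow-up log can be checked against the fix script to see which targets are gone, which are still present, and which survive only as orphaned entries. The sketch below is an added example, not part of the original post and not code from OTM, RSIT or HijackThis; the function names and parsing rules are assumptions inferred from the script and log lines shown in this thread, and the embedded samples are excerpts of those lines.

```python
import re

# Sample input: excerpts copied from the fix script and the two logs in this thread.
OTM_SCRIPT = r"""
:files
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Skype\Toolbars

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:services
c2cautoupdatesvc
c2cpnrsvc
"""
BEFORE_LOG = r"""
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
"""
AFTER_LOG = r"""
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
"""

GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
RSIT_SVC = re.compile(r"^[RS][0-4] ([^;]+);")          # RSIT: "R2 name;display; path [..]"
HJT_SVC = re.compile(r"^O23 - Service: (.*?) - ")      # HijackThis: "display (name) - owner - path"

def parse_otm_script(text):
    """Split a fix script into {section: [lines]}; a section starts with ':name'."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            current = line[1:].lower()
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections

def removal_targets(sections):
    """Collect what the script removes: paths, service names, CLSIDs of deleted keys."""
    clsids = set()
    for line in sections.get("reg", []):
        if line.startswith("[-"):                      # "[-KEY]" deletes the whole key
            clsids.update(g.upper() for g in GUID_RE.findall(line))
    return {
        "path": [p.lower() for p in sections.get("files", [])],
        "service": [s.lower() for s in sections.get("services", [])],
        "clsid": sorted(clsids),
    }

def service_name(line):
    """Short service name from an RSIT or HijackThis service line, else None."""
    m = RSIT_SVC.match(line)
    if m:
        return m.group(1).lower()
    m = HJT_SVC.match(line)
    if not m:
        return None
    short = re.search(r"\(([^()]+)\)$", m.group(1))    # name in trailing parentheses, if any
    return (short.group(1) if short else m.group(1)).lower()

def check_log(targets, log_text):
    """Return sorted (status, kind, target) for log lines that still mention a target."""
    findings = set()
    for raw in log_text.splitlines():
        line = raw.strip()
        low = line.lower()
        # 32-bit HijackThis also prints "(file missing)" for System32 binaries on 64-bit
        # Windows; the marker is trusted here because the script's paths lie elsewhere.
        status = "orphaned" if low.endswith("(file missing)") else "present"
        for path in targets["path"]:
            if path in low:
                findings.add((status, "path", path))
        name = service_name(line)
        if name in targets["service"]:
            findings.add((status, "service", name))
        for guid in GUID_RE.findall(line):
            if guid.upper() in targets["clsid"]:
                findings.add((status, "clsid", guid.upper()))
    return sorted(findings)

if __name__ == "__main__":
    targets = removal_targets(parse_otm_script(OTM_SCRIPT))
    for label, log in (("before", BEFORE_LOG), ("after", AFTER_LOG)):
        print(label, check_log(targets, log))
```

An "orphaned" finding means the file or folder is gone but a registry entry still points at it, so that entry is a candidate for the next cleanup round.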

suprrotka
Model Visitor
Posts: 72
Registered: 30 Jan 2010 14:49

Re: Browser problem, safefinder.com

#7 Post by suprrotka »

Here you go, the new RSIT log

Code: Select all

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kado at 2015-08-25 18:46:46
Microsoft Windows 8.1 
System drive C: has 300 GB (82%) free of 364 GB
Total RAM: 8090 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:46:50, on 25.08.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files\trend micro\Kado.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [Fastboot] "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Poeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový poekladae... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O20 - AppInit_DLLs: C:\ProgramData\ExtTag\Movenix.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ExtTag - Unknown owner - C:\ProgramData\ExtTag\ExtTag.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @oem23.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo QuickSnip Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NixSrv Service (NixSrv) - Unknown owner - C:\Program Files\NixSrv\NixSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: ValBioService - Validity Sensors, Inc. - C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13063 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\ibmpmsvc.exe
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6c059f4c-b898-4c0f-973e-90dfdf6ad772 -SystemEventPortName:HostProcess-aa642dab-e44c-48a9-a50a-db67075d4300 -IoCancelEventPortName:HostProcess-85f38c5e-9236-407c-bf07-e52e8bc01ad6 -NonStateChangingEventPortName:HostProcess-91656972-4d51-4546-9182-5d4aa99a1cf4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6cddb788-a1ed-473a-aafa-df1cf948d7f4 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a82576ed-f7ba-48ca-a7ab-03c3f292cbdd -SystemEventPortName:HostProcess-e898dff2-4cc4-49d1-8ae6-1538228c570c -IoCancelEventPortName:HostProcess-53d3fc9d-801d-4e7c-b4f2-2325e17e31df -NonStateChangingEventPortName:HostProcess-63214348-16b6-435d-b79c-13cf4debcc93 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e77f584a-d66d-4b7a-9b48-151063210769 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c9d6c4c6-eb3f-459e-95a1-0e2b4b900af7 -SystemEventPortName:HostProcess-ae4c22d6-7c2a-4089-8250-b338cebbaf06 -IoCancelEventPortName:HostProcess-08170c49-0826-418b-8c71-120ab56a5a88 -NonStateChangingEventPortName:HostProcess-f5b6aa11-8088-4d0d-b361-69a43f57af25 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6b51b054-b269-409b-bdca-f8c248c30cc5 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b748b081-7419-4240-84fa-99b0fd89d6e0 -SystemEventPortName:HostProcess-d140538e-747d-455c-90e2-05bfcd44c190 -IoCancelEventPortName:HostProcess-6ca2ea90-a194-4d47-bea5-5341ea61f7cc -NonStateChangingEventPortName:HostProcess-d2d0111e-2b3b-4b60-ad0c-e3f1db6ad58a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1375e6e9-439c-4a1e-8410-612c2d44d4e6 -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\WLANExt.exe 435904471712
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\ProgramData\ExtTag\ExtTag.exe
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe"
"C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files\NixSrv\NixSrv.exe" /s iid=2862431 did=Missing sid= ref= id=e50ea9b94aecef0e4f1daa1dcf9b6deaad37b85a911ef9ef2c6d1a7145e6d48f
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe"
C:\WINDOWS\system32\valWBFPolicyService.exe
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe" -default
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
taskhostex.exe 
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" 
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe" ytidilav
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
C:\Windows\System32\skydrive.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576 
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe" 
"C:\Windows\System32\igfxpers.exe" 
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
C:\ProgramData\ExtTag\Doublewarm.exe regname Stpro.exe
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\WINDOWS\system32\GWX\GWX.exe" 
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" 
"C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" 
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" 
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe"
"C:\Program Files\lenovo\QuickSnipService\QuickSnipInput.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync

"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe" 
"C:\Users\Kado\Desktop\RSITx64.exe" 

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe  

=========Mozilla firefox=========

ProfilePath - C:\Users\Kado\AppData\Roaming\Mozilla\Firefox\Profiles\fm7p05yt.default-1440446369343

prefs.js - "browser.startup.homepage" -  "C:\\ProgramData\\ExtTags\\ff.HP"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=C:\Program Files\mcafee\msc\npMcSnFFPl64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\Kado\AppData\Roaming\Mozilla\Firefox\Profiles\fm7p05yt.default-1440446369343\searchplugins\
findit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-29 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-29 172640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-12-21 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-12-21 771544]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-12-21 770520]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2013-05-07 253952]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [2014-03-04 74288]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-06-04 2985712]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2013-05-14 552960]
"Fastboot"=C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [2013-10-26 738032]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\ProgramData\ExtTag\Zimdex.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-12-21 624640]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-25 18:24:36 ----D---- C:\ProgramData\ExtTags
2015-08-25 18:23:02 ----D---- C:\ProgramData\ExtTag
2015-08-25 18:11:12 ----D---- C:\_OTM
2015-08-24 22:34:41 ----D---- C:\AdwCleaner
2015-08-24 22:20:01 ----D---- C:\rsit
2015-08-24 22:20:01 ----D---- C:\Program Files\trend micro
2015-08-23 18:51:22 ----D---- C:\Program Files\NixSrv
2015-08-23 18:42:54 ----D---- C:\ProgramData\update
2015-08-23 18:41:35 ----D---- C:\Users\Kado\AppData\Roaming\Opera Software
2015-08-23 18:41:08 ----D---- C:\Program Files (x86)\Opera
2015-08-23 10:08:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-19 19:27:27 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-08-19 19:27:26 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-08-16 13:40:57 ----D---- C:\pc-form
2015-08-16 13:40:26 ----A---- C:\WINDOWS\IsUn041b.exe
2015-08-13 11:47:15 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 11:47:15 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-08-13 10:53:13 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-08-13 10:53:12 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-08-13 10:53:12 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-08-13 10:52:09 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-08-13 10:52:09 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-08-13 10:52:08 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-08-13 10:52:08 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-08-13 10:52:08 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-08-13 10:51:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-08-13 10:51:49 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-08-13 10:51:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-08-13 10:51:48 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-08-13 10:51:48 ----A---- C:\WINDOWS\system32\ieui.dll
2015-08-13 10:51:47 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-08-13 10:51:47 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-08-13 10:51:47 ----A---- C:\WINDOWS\system32\wininet.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-08-13 10:51:46 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-08-13 10:51:45 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\system32\jscript.dll
2015-08-13 10:51:44 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-08-13 10:44:01 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-13 10:43:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-08-13 10:43:43 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2015-08-13 10:43:43 ----A---- C:\WINDOWS\system32\WebClnt.dll
2015-08-13 10:43:42 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2015-08-13 10:43:42 ----A---- C:\WINDOWS\system32\davclnt.dll
2015-08-13 10:43:42 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\invagent.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\devinv.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-08-13 10:43:41 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-08-13 10:43:39 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-08-13 10:43:38 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-08-13 10:43:38 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-08-13 10:43:15 ----A---- C:\WINDOWS\system32\csrsrv.dll
2015-08-13 10:43:15 ----A---- C:\WINDOWS\system32\basesrv.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\system32\netcfgx.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-08-13 10:43:14 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-08-13 10:43:13 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2015-08-13 10:43:13 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2015-08-13 10:43:13 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2015-08-13 10:43:13 ----A---- C:\WINDOWS\system32\mstscax.dll
2015-08-13 10:43:13 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-13 10:43:12 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-08-13 10:43:12 ----A---- C:\WINDOWS\system32\notepad.exe
2015-08-13 10:43:12 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-08-13 10:43:12 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-08-13 10:43:12 ----A---- C:\WINDOWS\notepad.exe
2015-08-13 10:43:11 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-08-13 10:43:11 ----A---- C:\WINDOWS\system32\win32k.sys
2015-08-13 10:43:11 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-08-13 10:43:11 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-08-13 10:43:11 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-08-13 10:43:10 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-08-13 10:43:10 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-08-13 10:43:10 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-07-29 15:43:28 ----D---- C:\ProgramData\Norton
2015-07-29 15:43:26 ----D---- C:\ProgramData\NortonInstaller
2015-07-29 15:43:22 ----D---- C:\Users\Kado\AppData\Roaming\ImperiaOnline
2015-07-29 15:03:08 ----D---- C:\Users\Kado\AppData\Roaming\Google2SRT
2015-07-29 15:01:08 ----D---- C:\ProgramData\Sun
2015-07-29 15:01:07 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2015-07-29 15:00:23 ----D---- C:\ProgramData\Oracle
2015-07-29 15:00:21 ----D---- C:\Program Files (x86)\Java

======List of files/folders modified in the last 1 month======

2015-08-25 18:45:43 ----D---- C:\WINDOWS\Temp
2015-08-25 18:42:37 ----D---- C:\ProgramData\Validity
2015-08-25 18:40:25 ----D---- C:\WINDOWS\Prefetch
2015-08-25 18:33:19 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-08-25 18:27:40 ----D---- C:\WINDOWS\system32\Tasks
2015-08-25 18:24:38 ----D---- C:\WINDOWS\SysWOW64
2015-08-25 18:24:36 ----HD---- C:\ProgramData
2015-08-25 18:11:14 ----D---- C:\WINDOWS\Tasks
2015-08-25 18:11:13 ----RD---- C:\Program Files (x86)\Skype
2015-08-25 18:11:13 ----D---- C:\Program Files (x86)\Google
2015-08-25 18:02:00 ----D---- C:\WINDOWS\system32\sru
2015-08-25 13:15:33 ----D---- C:\WINDOWS\Microsoft.NET
2015-08-25 13:04:09 ----D---- C:\WINDOWS\system32\drivers
2015-08-25 09:00:21 ----D---- C:\ProgramData\Realtek
2015-08-25 08:52:41 ----D---- C:\WINDOWS\apppatch
2015-08-24 22:35:58 ----D---- C:\Windows
2015-08-24 22:35:33 ----RD---- C:\Program Files (x86)
2015-08-24 22:35:20 ----DC---- C:\WINDOWS\Panther
2015-08-24 22:31:49 ----HD---- C:\$Windows.~BT
2015-08-24 22:20:01 ----RD---- C:\Program Files
2015-08-24 21:55:03 ----RD---- C:\WINDOWS\System32
2015-08-24 21:55:03 ----D---- C:\WINDOWS\Inf
2015-08-24 21:55:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-24 21:50:06 ----D---- C:\WINDOWS\security
2015-08-24 17:07:08 ----D---- C:\Users\Kado\AppData\Roaming\AVI ReComp
2015-08-24 15:17:50 ----D---- C:\Users\Kado\AppData\Roaming\vlc
2015-08-24 15:01:33 ----SHD---- C:\WINDOWS\Installer
2015-08-24 15:01:33 ----SHD---- C:\Config.Msi
2015-08-24 15:01:17 ----SHD---- C:\System Volume Information
2015-08-23 20:32:12 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-23 19:45:51 ----D---- C:\WINDOWS\CbsTemp
2015-08-23 18:50:22 ----D---- C:\Program Files (x86)\Adobe
2015-08-23 09:19:02 ----A---- C:\IFRToolLog.txt
2015-08-19 19:31:51 ----D---- C:\WINDOWS\system32\config
2015-08-19 19:27:52 ----D---- C:\WINDOWS\WinSxS
2015-08-19 12:33:39 ----D---- C:\Program Files\Lenovo
2015-08-19 12:33:33 ----D---- C:\WINDOWS\PolicyDefinitions
2015-08-19 12:07:32 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-18 16:21:29 ----HD---- C:\Program Files\WindowsApps
2015-08-18 16:21:29 ----D---- C:\WINDOWS\AppReadiness
2015-08-18 13:05:52 ----SD---- C:\Users\Kado\AppData\Roaming\Microsoft
2015-08-17 13:47:31 ----D---- C:\WINDOWS\rescache
2015-08-16 14:45:10 ----D---- C:\WINDOWS\system32\DriverStore
2015-08-16 13:51:34 ----A---- C:\WINDOWS\win.ini
2015-08-16 13:40:57 ----D---- C:\Program Files (x86)\Common Files
2015-08-15 18:08:11 ----RSD---- C:\WINDOWS\assembly
2015-08-14 22:12:01 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-14 22:12:01 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 19:45:46 ----D---- C:\Program Files\Windows Defender
2015-08-13 19:45:45 ----SD---- C:\WINDOWS\system32\CompatTel
2015-08-13 19:45:45 ----D---- C:\WINDOWS\system32\appraiser
2015-08-13 19:45:45 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-13 19:45:44 ----D---- C:\Program Files\Internet Explorer
2015-08-13 19:45:44 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-13 19:45:43 ----D---- C:\WINDOWS\system32\drivers\en-US
2015-08-13 11:47:54 ----D---- C:\ProgramData\Microsoft Help
2015-08-13 11:45:41 ----D---- C:\WINDOWS\system32\MRT
2015-08-13 11:42:16 ----A---- C:\WINDOWS\system32\MRT.exe
2015-08-13 10:35:34 ----D---- C:\WINDOWS\system32\catroot2
2015-08-10 20:31:29 ----D---- C:\WINDOWS\Minidump
2015-08-08 17:00:18 ----D---- C:\WINDOWS\Logs
2015-08-08 15:55:08 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R0 Fastboot;Fastboot; C:\WINDOWS\System32\DRIVERS\fastboot.sys [2013-10-26 66288]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-07-24 666984]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2013-05-23 101976]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-12-27 32544]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344]
R1 EpfwLWF;@oem36.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 SMIDriver;SMIDriver; C:\WINDOWS\system32\drivers\smi.sys [2015-03-03 19656]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwr64v.sys [2014-03-07 20736]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2011-02-11 35344]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2013-04-18 44800]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-12-21 4216320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-08-01 3565528]
R3 iwdbus;@oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-15 27032]
R3 MEIx64;@oem14.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-07-03 64624]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-12-27 11311392]
R3 RtkBtFilter;@oem7.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2013-07-05 547032]
R3 RTL8168;@oem6.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-04-10 801864]
R3 RTWlanE;@oem11.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2013-07-24 2969304]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-06-04 33008]
R3 SynTP;@oem20.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-06-04 532720]
R3 tap0901;@oem46.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2014-11-05 27136]
R3 VClone;VClone; C:\WINDOWS\System32\drivers\VClone.sys [2013-07-24 34816]
R3 vm331avs;@oem4.inf,%USBCamera.DeviceDesc2%;Digital Camera 1; C:\WINDOWS\System32\Drivers\vm331avs.sys [2013-04-30 1049984]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys []
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dg_ssudbus;@oem41.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2012-05-28 197264]
S3 intaud_WaveExtensible;@oem31.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-15 39320]
S3 IntcDAud;@oem28.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-05-22 452088]
S3 mfencbdc;McAfee Inc. mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [2012-11-02 328976]
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2012-11-02 97208]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 RSUSBSTOR;@oem21.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-06-15 262872]
S3 ssudmdm;@oem43.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;@oem44.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2013-06-15 45056]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 ExtTag;ExtTag; C:\ProgramData\ExtTag\ExtTag.exe [2015-08-23 34816]
R2 FastbootService;FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2013-10-26 140016]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2014-12-03 9216]
R2 IBMPMSVC;@oem23.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2013-04-18 61224]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-07-03 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-07-03 169432]
R2 Lenovo QuickSnip Service;Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [2013-06-06 219976]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-03-10 2085184]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [2013-06-06 562504]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-11 136288]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-07-03 366552]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2013-12-11 468288]
R2 NixSrv;NixSrv Service; C:\Program Files\NixSrv\NixSrv.exe [2015-08-23 379392]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-10-29 920864]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 QuickControlMasterSvc;Lenovo QuickControl Master Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [2013-07-17 59384]
R2 ValBioService;ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [2013-05-23 24112]
R2 valWBFPolicyService;Validity WBF Policy Service; C:\WINDOWS\system32\valWBFPolicyService.exe [2015-03-03 49968]
R3 QuickControlService;Lenovo QuickControl Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [2013-07-17 138232]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-12-27 1364256]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13 269000]
S3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-03-04 573488]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-12-21 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-04-05 194032]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2014-03-04 512048]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2014-03-04 527920]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-03-04 702512]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-13 149160]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2014-03-07 1669976]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2015-07-01 22008]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 113400
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Problem with browsers, safefinder.com

#8 Post by Rudy »

Double-click the file C:\Program Files\trend micro\Kado.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

suprrotka
Model visitor
Posts: 72
Registered: 30 Jan 2010 14:49

Re: Problem with browsers, safefinder.com

#9 Post by suprrotka »

The steps have been done; the problem still persists :(

Rudy
Site Admin
Posts: 113400
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Problem with browsers, safefinder.com

#10 Post by Rudy »

Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

suprrotka
Model visitor
Posts: 72
Registered: 30 Jan 2010 14:49

Re: Problem with browsers, safefinder.com

#11 Post by suprrotka »

I also forgot to add that when I start the browser, ESET immediately blocks access while loading any web page; I work around it by temporarily turning ESET off. ESET always reports the same message: 25.08.2015 21:16:31 HTTP filter súbor http://forum.viry.cz/viewtopic.php?f=28&t=145808 HTML/ScrInject.B.Gen vírus prerušené spojenie - uložený do karantény Lenovo-PC\Kado Hrozba bola zachytená pri prístupe na web aplikáciou: C:\Program Files (x86)\Mozilla Firefox\firefox.exe.


MBAM log

Code:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 25.08.2015
Čas skenování: 21:19
Protokol: MBAM.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.25.05
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Kado

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 422681
Uplynulý čas: 22 min, 22 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 2
PUP.Optional.ExtTag.A, C:\ProgramData\ExtTag\ExtTag.exe, 1964, , [5faa917c7a1111253d61a578a36041bf]
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Doublewarm.exe, 5116, , [43c60ffe018aef47c76fc35714ef5fa1]

Moduly: 1
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Dripin.dll, , [43c60ffe018aef47c76fc35714ef5fa1], 

Klíče registru: 3
PUP.Optional.Linkury.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\snf, , [57b23cd12e5d81b5c83c8b9327dcd12f], 
PUP.Optional.Linkury.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\snp, , [31d8719c2e5dc373759030ee6f94c937], 
PUP.Optional.ExtTag.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EXTTAG, , [5faa917c7a1111253d61a578a36041bf], 

Hodnoty registru: 1
PUP.Optional.ExtTag.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EXTTAG|ImagePath, C:\ProgramData\ExtTag\ExtTag.exe, , [5faa917c7a1111253d61a578a36041bf]

Data registru: 2
PUP.Optional.ExtTag.F, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\ExtTag\Movenix.dll, Dobré: (), Špatné: (C:\ProgramData\ExtTag\Movenix.dll),,[43c60ffe018aef47c76fc35714ef5fa1]
PUP.Optional.ExtTag.F, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\ExtTag\Zimdex.dll, Dobré: (), Špatné: (C:\ProgramData\ExtTag\Zimdex.dll),,[43c60ffe018aef47c76fc35714ef5fa1]

Složky: 4
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\ondemand, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\temp, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTags, , [e722a667f497ec4aec4b2ded7d86b14f], 

Soubory: 32
PUP.Optional.Linkury.Gen.A, C:\Windows\SysWOW64\findit.xml, , [3ccdba53c9c20d2999524ecf9073af51], 
PUP.Optional.Linkury.A, C:\Windows\System32\Tasks\snf, , [7a8f07067c0f4de9bd437da10ef5926e], 
PUP.Optional.Linkury.A, C:\Windows\System32\Tasks\snp, , [5aafd4396d1eea4c41c079a52cd7c13f], 
PUP.Optional.Linkury.ShrtCln, C:\Users\Kado\AppData\Roaming\Mozilla\Firefox\Profiles\fm7p05yt.default-1440446369343\searchplugins\findit.xml, , [789110fd305b03331f833c7b877dfa06], 
PUP.Optional.ExtTag.A, C:\ProgramData\ExtTag\ExtTag.exe, , [5faa917c7a1111253d61a578a36041bf], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Sil-Touch.exe.config, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\conf.config, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Config.xml, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Danovebam.dll, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Dinglab.dll, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Doublewarm.exe, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Doublewarm.exe.config, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Dripin.dll, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\ExtTag.dll, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\ExtTag.exe.config, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Medfind.dll, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Movenix.dll, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\PrxCfg.xml, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Sil-Touch.exe, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Tempflex.dll, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Tranzap.exe, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Tranzap.exe.config, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Trisruntouch.dll, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\uninstall.exe, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Unotrax.exe, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Unotrax.exe.config, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Zimdex.dll, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Zumtamplus.dll, , [43c60ffe018aef47c76fc35714ef5fa1], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTags\ff.HP, , [e722a667f497ec4aec4b2ded7d86b14f], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTags\ff.NT, , [e722a667f497ec4aec4b2ded7d86b14f], 
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTags\snp.sc, , [e722a667f497ec4aec4b2ded7d86b14f], 
PUP.Optional.Linkury.ShrtCln, C:\Users\Kado\AppData\Roaming\Mozilla\Firefox\Profiles\fm7p05yt.default-1440446369343\prefs.js, Dobré: (), Špatné: (user_pref("browser.newtab.url", "C:\\ProgramData\\ExtTags\\ff.NT");), ,[d039d5384f3c1125c0d982137194dc24]

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Last edited by suprrotka on 25 Aug 2015 20:54, edited 2 times in total.

Rudy
Site Admin
Posts: 113400
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Problem with browsers, safefinder.com

#12 Post by Rudy »

Delete all findings.

suprrotka
Model visitor
Posts: 72
Registered: 30 Jan 2010 14:49

Re: Problem with browsers, safefinder.com

#13 Post by suprrotka »

I also forgot to add that when I start the browser, ESET immediately blocks access while loading any web page; I work around it by temporarily turning ESET off. ESET always reports the same message: 25.08.2015 21:16:31 HTTP filter súbor viewtopic.php?f=28&t=145808 HTML/ScrInject.B.Gen vírus prerušené spojenie - uložený do karantény Lenovo-PC\Kado Hrozba bola zachytená pri prístupe na web aplikáciou: C:\Program Files (x86)\Mozilla Firefox\firefox.exe.

All threats found by MBAM were deleted, then the PC was restarted; the problem still persists to the same extent.

Rudy
Site Admin
Posts: 113400
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Problem with browsers, safefinder.com

#14 Post by Rudy »

Delete all findings.

suprrotka
Model visitor
Posts: 72
Registered: 30 Jan 2010 14:49

Re: Problem with browsers, safefinder.com

#15 Post by suprrotka »

I have already deleted it; what is the next step, please?
