PC virus removal, computer speed-up, remote help via the neslape.cz service

PC AFTER A FACEBOOK VIRUS

apoloon
Model visitor
Posts: 44
Registered: 02 Jun 2005 18:17
Location: on the internet

#1 Post by apoloon »

Hello, please check my brother-in-law's notebook; we deleted what we could.... Thanks..
Logfile of random's system information tool 1.10 (written by random/random)
Run by Dagmar at 2016-01-14 22:17:04
Microsoft Windows 10 Home
System drive C: has 166 GB (69%) free of 239 GB
Total RAM: 3941 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:17:19, on 14.1.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\users\dagmar\appdata\local\temp\teamviewer\TeamViewer.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Users\Dagmar\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Dagmar.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Dagmar\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - c:\users\dagmar\appdata\local\temp\teamviewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9915 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-527f9c65-f119-4370-b1d4-dbc8c611eeaf -SystemEventPortName:HostProcess-6f09eb89-179c-4647-bbae-22f64b02b6ca -IoCancelEventPortName:HostProcess-a0e1c7a8-0f19-45bd-a21c-3a26e5f404e8 -NonStateChangingEventPortName:HostProcess-c36b3f67-8228-422e-b2d4-15bb87565894 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:29695d60-f936-4211-aa82-9e600289907e -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
dashost.exe {8f5b5850-9025-4af5-bc0e32e0667d4f5c}
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"c:\users\dagmar\appdata\local\temp\teamviewer\TeamViewer_Service.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"c:\users\dagmar\appdata\local\temp\teamviewer\TeamViewer.exe"
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"c:\users\dagmar\appdata\local\temp\teamviewer\tv_w32.exe" --action hooks --log c:\users\dagmar\appdata\local\temp\teamviewer\TeamViewer11_Logfile.log
"c:\users\dagmar\appdata\local\temp\teamviewer\tv_x64.exe" --action hooks --log c:\users\dagmar\appdata\local\temp\teamviewer\TeamViewer11_Logfile.log
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Users\Dagmar\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\USB Camera\VM331STI.EXE"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"c:\users\dagmar\appdata\local\temp\teamviewer\TeamViewer_Desktop.exe" --IPCport 5939


C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.6020.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe" SCODEF:1832 CREDAT:140545 EDGEHOST /prefetch:6
"C:\Program Files\ESET\ESET Smart Security\\eOPPFrame.exe"
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\Users\Dagmar\Desktop\hijackthis.log
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Freud/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterSbTypes/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4092.2.784560675\838233634" --font-cache-shared-handle=2600 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Freud/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterSbTypes/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4092.3.708379636\1670183372" --font-cache-shared-handle=4368 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4092.4.1506782118\1238410348" --use-gl=swiftshader --supports-dual-gpus=false --swiftshader-path="C:\Users\Dagmar\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159" --gpu-driver-bug-workarounds=2,23,51 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4229 --ignored=" --type=renderer " /prefetch:822062411
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 612 616 624 8192 620
"C:\Users\Dagmar\Downloads\RSITx64 (1).exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-12 3242696]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-06-13 1212560]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-06-01 453552]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-06-26 366720]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-10-05 17079376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-10-05 191568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Dagmar\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-13 551112]
"Power2GoExpress"=NA []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2015-06-12 561672]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-04-23 508256]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-14 22:17:07 ----D---- C:\Program Files\trend micro
2016-01-14 22:17:04 ----D---- C:\rsit
2016-01-14 21:21:51 ----D---- C:\ProgramData\ESET
2016-01-14 21:21:51 ----D---- C:\Program Files\ESET
2016-01-14 19:47:03 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-01-14 19:46:42 ----D---- C:\ProgramData\Malwarebytes
2016-01-14 19:46:42 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-14 19:46:42 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-01-14 19:46:42 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-01-14 19:46:42 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-01-14 19:22:57 ----D---- C:\Users\Dagmar\AppData\Roaming\TeamViewer
2016-01-14 19:08:38 ----A---- C:\WINDOWS\RegBootClean64.exe
2016-01-14 18:40:45 ----A---- C:\WINDOWS\system32\drivers\tmcomm.sys
2016-01-05 13:38:06 ----D---- C:\Users\Dagmar\AppData\Roaming\LSC

======List of files/folders modified in the last 1 month======

2016-01-14 22:17:07 ----RD---- C:\Program Files
2016-01-14 22:16:41 ----D---- C:\WINDOWS\Temp
2016-01-14 22:06:05 ----D---- C:\WINDOWS\system32\sru
2016-01-14 22:01:05 ----D---- C:\WINDOWS\Prefetch
2016-01-14 21:23:05 ----SHD---- C:\WINDOWS\Installer
2016-01-14 21:23:05 ----D---- C:\WINDOWS\system32\DriverStore
2016-01-14 21:23:04 ----D---- C:\WINDOWS\system32\drivers
2016-01-14 21:23:04 ----D---- C:\WINDOWS\INF
2016-01-14 21:22:49 ----HD---- C:\WINDOWS\ELAMBKUP
2016-01-14 21:22:44 ----SHD---- C:\Config.Msi
2016-01-14 21:21:51 ----HD---- C:\ProgramData
2016-01-14 21:21:05 ----D---- C:\WINDOWS\System32
2016-01-14 21:05:36 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-01-14 20:58:07 ----D---- C:\Windows
2016-01-14 20:18:05 ----D---- C:\WINDOWS\Vss
2016-01-14 20:17:54 ----D---- C:\Program Files\Common Files
2016-01-14 20:17:54 ----D---- C:\Program Files (x86)\globalUpdate
2016-01-14 20:17:54 ----D---- C:\Program Files (x86)\Common Files
2016-01-14 20:17:52 ----D---- C:\WINDOWS\system32\Tasks
2016-01-14 20:17:51 ----D---- C:\Program Files (x86)\ShopperPro
2016-01-14 20:01:40 ----D---- C:\WINDOWS\system32\config
2016-01-14 19:55:12 ----D---- C:\WINDOWS\system32\WDI
2016-01-14 19:52:55 ----D---- C:\ProgramData\AVAST Software
2016-01-14 19:46:42 ----RD---- C:\Program Files (x86)
2016-01-14 18:32:46 ----D---- C:\WINDOWS\AppReadiness
2016-01-14 17:21:08 ----D---- C:\WINDOWS\CbsTemp
2016-01-14 17:20:58 ----D---- C:\WINDOWS\system32\catroot2
2016-01-14 17:19:59 ----D---- C:\WINDOWS\WinSxS
2016-01-13 18:09:29 ----D---- C:\WINDOWS\Microsoft.NET
2016-01-13 17:46:31 ----HD---- C:\Program Files\WindowsApps
2016-01-13 17:42:15 ----D---- C:\WINDOWS\system32\NDF
2016-01-11 17:16:38 ----N---- C:\WINDOWS\Setup1.exe
2016-01-11 17:16:37 ----A---- C:\WINDOWS\ST6UNST.EXE
2016-01-11 16:25:22 ----D---- C:\WINDOWS\debug
2016-01-11 16:16:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-10 16:37:49 ----D---- C:\Program Files\CCleaner
2016-01-07 15:57:20 ----D---- C:\WINDOWS\SysWOW64
2016-01-07 15:57:05 ----DC---- C:\WINDOWS\Panther
2016-01-07 15:52:53 ----HD---- C:\$WINDOWS.~BT
2016-01-05 13:37:53 ----RSD---- C:\WINDOWS\assembly
2016-01-04 17:16:07 ----D---- C:\ProgramData\Lenovo
2016-01-04 17:16:02 ----D---- C:\Program Files (x86)\Lenovo
2016-01-04 17:15:59 ----D---- C:\Program Files\Lenovo
2016-01-04 17:15:36 ----D---- C:\WINDOWS\Downloaded Installations
2016-01-03 02:40:14 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-12-23 16:40:19 ----D---- C:\WINDOWS\rescache
2015-12-21 19:34:24 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2015-12-21 19:34:23 ----D---- C:\WINDOWS\system32\sk-SK
2015-12-21 19:34:23 ----D---- C:\WINDOWS\system32\oobe
2015-12-21 19:34:23 ----D---- C:\WINDOWS\system32\Boot
2015-12-21 19:34:23 ----D---- C:\WINDOWS\system32\appraiser
2015-12-21 19:34:21 ----RSD---- C:\WINDOWS\Fonts
2015-12-21 19:34:20 ----D---- C:\WINDOWS\AppPatch
2015-12-21 19:34:20 ----D---- C:\Program Files\Internet Explorer
2015-12-21 19:34:20 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-21 19:34:19 ----D---- C:\WINDOWS\system32\CodeIntegrity

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-11-20 69840]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2012-10-05 39008]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-11-20 263528]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-11-20 186784]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2015-11-20 206312]
R1 EpfwLWF;@oem18.inf,%EpfwLWF_Desc%;ESET Personal Firewall; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-11-20 52872]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-12-01 8192]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 ACPIVPC;@oem22.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2012-10-05 33560]
R3 AmUStor;@oem28.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2012-06-13 100992]
R3 athr;@oem6.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2012-07-24 3618304]
R3 ETD;@oem34.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-12 525512]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-07-03 4074256]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2015-06-18 129224]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-01-14 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-10-05 64216]
R3 MEIx64;@oem19.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 vm331avs;@oem29.inf,%USBCamera.DeviceDesc2%;Digital Camera 1; C:\WINDOWS\System32\Drivers\vm331avs.sys [2015-06-12 802312]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2015-11-20 14976]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2015-11-20 142976]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-03 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-09-10 934752]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-09-10 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-07-10 57696]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-07-10 28512]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-07-10 27488]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\WINDOWS\System32\drivers\usbser.sys [2015-09-10 67072]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\WINDOWS\System32\drivers\vhf.sys [2015-07-10 31744]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2015-11-20 2522616]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-12 144072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-17 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-17 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 276864]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]
R2 OneSyncSvc_Session1;Sync Host_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 TeamViewer;TeamViewer 11; c:\users\dagmar\appdata\local\temp\teamviewer\TeamViewer_Service.exe [2015-12-14 5532432]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 364416]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-04 107848]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-04 107848]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-12-10 272864]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session1;Kontaktné údaje_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-09-10 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2015-11-11 21536]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc_Session1;Ukladací priestor používateľských údajov_Session1; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 UserDataSvc_Session1;Prístup k používateľským údajom_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC AFTER FACEBOOK VIRUS

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Re: PC AFTER FACEBOOK VIRUS

#3 Post by apoloon »

I'm attaching the log. And I have a problem updating ESET - the update fails....



# AdwCleaner v5.029 - Logfile created 15/01/2016 at 22:08:24
# Updated 11/01/2016 by Xplode
# Database : 2016-01-15.2 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Dagmar - DAGMAR
# Running from : C:\Users\Dagmar\Desktop\adwcleaner_5.029.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\ShopperPro
[-] Folder Deleted : C:\Users\Dagmar\AppData\Local\globalUpdate

***** [ Files ] *****

[-] File Deleted : C:\WINDOWS\Reimage.ini

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : ReimageUpdater

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
[-] Key Deleted : HKLM\SOFTWARE\Classes\pc-mechanic
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
[-] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F8A4FC32-DDA3-4DD9-8C62-49F778FF630B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\ShopperPro
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\Appscion
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[!] Key Not Deleted : HKU\S-1-5-21-872003570-3281157808-278953639-1001\Software\APN PIP
[!] Key Not Deleted : HKU\S-1-5-21-872003570-3281157808-278953639-1001\Software\GlobalUpdate
[!] Key Not Deleted : HKU\S-1-5-21-872003570-3281157808-278953639-1001\Software\ShopperPro
[!] Key Not Deleted : HKU\S-1-5-21-872003570-3281157808-278953639-1001\Software\Reimage
[!] Key Not Deleted : HKU\S-1-5-21-872003570-3281157808-278953639-1001\Software\Appscion
[!] Key Not Deleted : HKU\S-1-5-21-872003570-3281157808-278953639-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : HKU\S-1-5-21-872003570-3281157808-278953639-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [7304 bytes] ##########


Re: PC AFTER FACEBOOK VIRUS

#4 Post by Rudy »

Post a new RSIT log.


Re: PC AFTER FACEBOOK VIRUS

#5 Post by apoloon »

here is the log...


Logfile of random's system information tool 1.10 (written by random/random)
Run by Dagmar at 2016-01-18 18:10:45
Microsoft Windows 10 Home
System drive C: has 153 GB (64%) free of 239 GB
Total RAM: 3941 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:10:49, on 18.1.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Users\Dagmar\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Users\Dagmar\AppData\Local\Temp\TeamViewer\TeamViewer.exe
C:\Program Files\trend micro\Dagmar.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE01DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Dagmar\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-21-872003570-3281157808-278953639-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [OneDrive] "C:\Users\Dagmar\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (User '?')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10400 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9d1dc340-e3c1-439c-bb4b-6e989539ef33 -SystemEventPortName:HostProcess-a9c54c4e-b517-4d98-8a2d-369381867e2b -IoCancelEventPortName:HostProcess-40b95e06-2574-4c8f-a3e2-f5403d8c7dd5 -NonStateChangingEventPortName:HostProcess-0da90fbf-a3ce-4ec0-96e6-c32d52207574 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8593c182-2fb8-45da-90a2-daacb903799f -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
dashost.exe {39acdc95-c164-4e82-b864f24c0dda5ca3}
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Users\Dagmar\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\USB Camera\VM331STI.EXE"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer

"C:\Users\Dagmar\AppData\Local\Temp\TeamViewer\TeamViewer.exe" --dre
"C:\Users\Dagmar\AppData\Local\Temp\TeamViewer\tv_w32.exe" --action hooks --log C:\Users\Dagmar\AppData\Roaming\TeamViewer\TeamViewer11_Logfile.log
"C:\Users\Dagmar\AppData\Local\Temp\TeamViewer\tv_x64.exe" --action hooks --log C:\Users\Dagmar\AppData\Roaming\TeamViewer\TeamViewer11_Logfile.log
"c:\users\dagmar\appdata\local\temp\teamviewer\TeamViewer_Desktop.exe" --IPCport 6039
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 632 636 644 8192 640
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe60_ Global\UsGthrCtrlFltPipeMssGthrPipe60 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Dagmar\Desktop\RSITx64 (3).exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-12 3242696]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-06-13 1212560]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-06-01 453552]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-06-26 366720]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-10-05 17079376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-10-05 191568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Dagmar\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-01-15 551112]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2015-06-12 561672]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-04-23 508256]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-15 21:25:07 ----D---- C:\ProgramData\ESET
2016-01-15 21:25:07 ----D---- C:\Program Files\ESET
2016-01-15 19:36:33 ----D---- C:\Users\Dagmar\AppData\Roaming\ESET
2016-01-15 02:37:46 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-01-15 02:37:41 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-15 02:37:38 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-01-15 02:37:38 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-01-15 02:37:38 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-01-15 02:37:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-01-15 02:37:36 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-01-15 02:37:35 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2016-01-15 02:37:35 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-01-15 02:37:34 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-01-15 02:37:34 ----A---- C:\WINDOWS\system32\msxml6.dll
2016-01-15 02:37:33 ----A---- C:\WINDOWS\system32\usermgr.dll
2016-01-15 02:37:33 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-01-15 02:37:33 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-01-15 02:37:32 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2016-01-15 02:37:32 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2016-01-15 02:37:32 ----A---- C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-15 02:37:32 ----A---- C:\WINDOWS\system32\WMADMOD.DLL
2016-01-15 02:37:32 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-01-15 02:37:32 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-01-15 02:37:31 ----A---- C:\WINDOWS\SYSWOW64\WMADMOD.DLL
2016-01-15 02:37:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-01-15 02:37:31 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-01-15 02:37:31 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-15 02:37:31 ----A---- C:\WINDOWS\system32\evr.dll
2016-01-15 02:37:30 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-01-15 02:37:30 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-01-15 02:37:30 ----A---- C:\WINDOWS\system32\quartz.dll
2016-01-15 02:37:30 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-01-15 02:37:30 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-01-15 02:37:29 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-01-15 02:37:29 ----A---- C:\WINDOWS\SYSWOW64\WMSPDMOD.DLL
2016-01-15 02:37:29 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-01-15 02:37:29 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-01-15 02:37:29 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-01-15 02:37:29 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2016-01-15 02:37:29 ----A---- C:\WINDOWS\system32\invagent.dll
2016-01-15 02:37:29 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-01-15 02:37:29 ----A---- C:\WINDOWS\system32\devinv.dll
2016-01-15 02:37:29 ----A---- C:\WINDOWS\system32\advapi32.dll
2016-01-15 02:37:28 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2016-01-15 02:37:28 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2016-01-15 02:37:28 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-01-15 02:37:28 ----A---- C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-15 02:37:28 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-01-15 02:37:28 ----A---- C:\WINDOWS\system32\schannel.dll
2016-01-15 02:37:28 ----A---- C:\WINDOWS\system32\mfps.dll
2016-01-15 02:37:28 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-15 02:37:28 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-01-15 02:37:28 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-01-15 02:37:27 ----A---- C:\WINDOWS\SYSWOW64\qdvd.dll
2016-01-15 02:37:27 ----A---- C:\WINDOWS\SYSWOW64\MP3DMOD.DLL
2016-01-15 02:37:27 ----A---- C:\WINDOWS\SYSWOW64\mftranscode.dll
2016-01-15 02:37:27 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2016-01-15 02:37:27 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2016-01-15 02:37:27 ----A---- C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-15 02:37:27 ----A---- C:\WINDOWS\system32\uReFS.dll
2016-01-15 02:37:27 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-01-15 02:37:27 ----A---- C:\WINDOWS\system32\qedit.dll
2016-01-15 02:37:27 ----A---- C:\WINDOWS\system32\PhoneService.dll
2016-01-15 02:37:27 ----A---- C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-15 02:37:27 ----A---- C:\WINDOWS\system32\mftranscode.dll
2016-01-15 02:37:27 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-01-15 02:37:26 ----A---- C:\WINDOWS\SYSWOW64\usermgrcli.dll
2016-01-15 02:37:26 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2016-01-15 02:37:26 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2016-01-15 02:37:26 ----A---- C:\WINDOWS\SYSWOW64\ProximityCommon.dll
2016-01-15 02:37:26 ----A---- C:\WINDOWS\system32\winload.exe
2016-01-15 02:37:26 ----A---- C:\WINDOWS\system32\usermgrcli.dll
2016-01-15 02:37:26 ----A---- C:\WINDOWS\system32\qdvd.dll
2016-01-15 02:37:26 ----A---- C:\WINDOWS\system32\ProximityCommon.dll
2016-01-15 02:37:26 ----A---- C:\WINDOWS\system32\omadmclient.exe
2016-01-15 02:37:25 ----A---- C:\WINDOWS\SYSWOW64\WMSPDMOE.DLL
2016-01-15 02:37:25 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-01-15 02:37:25 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-15 02:37:25 ----A---- C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-15 02:37:25 ----A---- C:\WINDOWS\system32\DscCore.dll
2016-01-15 02:37:25 ----A---- C:\WINDOWS\system32\aitstatic.exe
2016-01-15 02:37:24 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-01-15 02:37:24 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2016-01-15 02:37:24 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-01-15 02:37:24 ----A---- C:\WINDOWS\system32\aepic.dll
2016-01-14 23:40:51 ----ASH---- C:\hiberfil.sys
2016-01-14 23:31:39 ----SD---- C:\Users\Dagmar\AppData\Roaming\Microsoft
2016-01-14 23:28:37 ----HD---- C:\Program Files\Uninstall Information
2016-01-14 23:28:34 ----D---- C:\Program Files (x86)\USB Camera
2016-01-14 23:28:02 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2016-01-14 23:28:02 ----D---- C:\Program Files\Realtek
2016-01-14 23:27:44 ----D---- C:\Program Files\Elantech
2016-01-14 23:27:41 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2016-01-14 23:25:39 ----AS---- C:\WINDOWS\bootstat.dat
2016-01-14 23:25:04 ----D---- C:\WINDOWS\Prefetch
2016-01-14 23:24:02 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-14 23:22:56 ----SHD---- C:\Recovery
2016-01-14 23:22:50 ----DC---- C:\WINDOWS\Panther
2016-01-14 23:19:03 ----D---- C:\Windows.old
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\MSMPEG2ENC.DLL
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\mfreadwrite.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.proxy.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2016-01-14 23:17:55 ----A---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\system32\mfreadwrite.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\system32\mfds.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-01-14 23:17:55 ----A---- C:\WINDOWS\system32\MDEServer.exe
2016-01-14 23:17:55 ----A---- C:\WINDOWS\system32\dialserver.dll
2016-01-14 23:17:54 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2016-01-14 23:17:54 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-01-14 23:17:54 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2016-01-14 23:17:54 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2016-01-14 23:17:54 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-01-14 23:17:54 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-01-14 23:17:54 ----A---- C:\WINDOWS\system32\EncDump.dll
2016-01-14 23:17:54 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-01-14 23:17:54 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-01-14 23:17:54 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-14 23:17:54 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\SYSWOW64\MFPlay.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\wpncore.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\readingviewresources.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\MFPlay.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\jscript.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\iesetup.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\iernonce.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\AudioEng.dll
2016-01-14 23:17:53 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-01-14 23:17:47 ----A---- C:\WINDOWS\SYSWOW64\wwapi.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\SYSWOW64\mssign32.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-01-14 23:17:47 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\SYSWOW64\catsrvut.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wwapi.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wwanprotdim.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\Wwanpref.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wwanmm.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wwanconn.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wwancfg.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wsplib.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wshrm.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wininet.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\twinui.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\SRH.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\shutdownux.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\shell32.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\services.exe
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\rilproxy.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\provtool.exe
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\provengine.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\policymanager.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\pnidui.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\mssign32.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\lpk.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\LogonController.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\ihvrilproxy.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\fontsub.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\dciman32.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\comsvcs.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\CellularAPI.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\catsrvut.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\authui.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-01-14 23:17:47 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-01-14 23:17:46 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2016-01-14 23:17:46 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-01-14 23:17:46 ----A---- C:\WINDOWS\system32\wimserv.exe
2016-01-14 23:17:46 ----A---- C:\WINDOWS\system32\wimgapi.dll
2016-01-14 23:17:46 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2016-01-14 23:17:46 ----A---- C:\WINDOWS\system32\provops.dll
2016-01-14 23:17:46 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2016-01-14 23:17:46 ----A---- C:\WINDOWS\system32\provhandlers.dll
2016-01-14 23:17:46 ----A---- C:\WINDOWS\system32\provdatastore.dll
2016-01-14 23:17:46 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-01-14 23:17:46 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2016-01-14 23:17:46 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2016-01-14 23:17:46 ----A---- C:\WINDOWS\system32\drivers\wimmount.sys
2016-01-14 23:17:46 ----A---- C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\XblAuthTokenBrokerExt.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\XblAuthManagerProxy.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\WordBreakers.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\offlinelsa.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\NmaDirect.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\MosStorage.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\MosResource.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\MosHostClient.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\Microsoft-Windows-MosTrace.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\Microsoft-Windows-MosHost.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\Microsoft-Windows-MapControls.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\mfpmp.exe
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\MapsBtSvc.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\MapControlStringsRes.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\ETWCoreUIComponentsResources.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\EditBufferTestHook.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\BingOnlineServices.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\BackgroundTransferHost.exe
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\wups2.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\win32k.sys
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\user32.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\Unistore.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\tetheringconfigsp.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\NmaDirect.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\nativemap.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\msftedit.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\MosResource.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\MosHostClient.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\moshost.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\mos.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\mfpmp.exe
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\mf.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\mapstoasttask.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\MapControlStringsRes.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\InputService.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\cryptngc.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\cdp.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\BingOnlineServices.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-01-14 23:17:42 ----A---- C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-01-14 23:17:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2016-01-14 23:17:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-01-14 23:17:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2016-01-14 23:17:41 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCoreRes.dll
2016-01-14 23:17:41 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2016-01-14 23:17:41 ----A---- C:\WINDOWS\SYSWOW64\SRHInproc.dll
2016-01-14 23:17:41 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2016-01-14 23:17:41 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2016-01-14 23:17:41 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-01-14 23:17:41 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2016-01-14 23:17:41 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2016-01-14 23:17:41 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2016-01-14 23:17:41 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-01-14 23:17:41 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2016-01-14 23:17:41 ----A---- C:\WINDOWS\system32\drivers\capimg.sys
2016-01-14 23:17:41 ----A---- C:\WINDOWS\system32\dcomp.dll
2016-01-14 23:14:13 ----D---- C:\WINDOWS\system32\Microsoft
2016-01-14 23:11:54 ----D---- C:\Program Files\Reference Assemblies
2016-01-14 23:11:54 ----D---- C:\Program Files\MSBuild
2016-01-14 23:11:54 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-01-14 23:11:54 ----D---- C:\Program Files (x86)\MSBuild
2016-01-14 23:11:15 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2016-01-14 23:11:15 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2016-01-14 23:11:15 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-01-14 23:11:12 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2016-01-14 23:11:12 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-01-14 23:11:10 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-01-14 22:17:07 ----D---- C:\Program Files\trend micro
2016-01-14 22:17:04 ----D---- C:\rsit
2016-01-14 19:47:03 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-01-14 19:46:42 ----D---- C:\ProgramData\Malwarebytes
2016-01-14 19:46:42 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-14 19:46:42 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-01-14 19:46:42 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-01-14 19:46:42 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-01-14 19:22:57 ----D---- C:\Users\Dagmar\AppData\Roaming\TeamViewer
2016-01-14 19:08:38 ----A---- C:\WINDOWS\RegBootClean64.exe
2016-01-14 18:40:45 ----A---- C:\WINDOWS\system32\drivers\tmcomm.sys
2016-01-05 13:38:06 ----D---- C:\Users\Dagmar\AppData\Roaming\LSC

======List of files/folders modified in the last 1 month======

2016-01-18 18:10:02 ----D---- C:\WINDOWS\Temp
2016-01-18 17:31:00 ----D---- C:\WINDOWS\system32\sru
2016-01-18 15:36:50 ----HD---- C:\Program Files\WindowsApps
2016-01-18 15:35:53 ----D---- C:\WINDOWS\debug
2016-01-18 15:35:26 ----D---- C:\WINDOWS\Microsoft.NET
2016-01-18 15:35:08 ----D---- C:\WINDOWS\Logs
2016-01-18 15:27:30 ----D---- C:\WINDOWS\System32
2016-01-18 15:27:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-18 15:27:29 ----D---- C:\WINDOWS\INF
2016-01-18 14:35:07 ----RSD---- C:\WINDOWS\assembly
2016-01-17 21:16:58 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-01-17 21:16:58 ----D---- C:\Windows
2016-01-17 20:56:20 ----D---- C:\WINDOWS\AppReadiness
2016-01-15 23:06:10 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-01-15 22:08:25 ----D---- C:\WINDOWS\system32\Tasks
2016-01-15 22:08:24 ----RD---- C:\Program Files (x86)
2016-01-15 22:08:24 ----D---- C:\AdwCleaner
2016-01-15 21:41:33 ----SHD---- C:\Config.Msi
2016-01-15 21:26:36 ----SHD---- C:\WINDOWS\Installer
2016-01-15 21:26:35 ----D---- C:\WINDOWS\system32\DriverStore
2016-01-15 21:26:34 ----D---- C:\WINDOWS\system32\drivers
2016-01-15 21:25:07 ----RD---- C:\Program Files
2016-01-15 21:25:07 ----HD---- C:\ProgramData
2016-01-15 18:29:27 ----D---- C:\WINDOWS\appcompat
2016-01-15 18:28:24 ----D---- C:\WINDOWS\system32\config
2016-01-15 18:21:47 ----D---- C:\WINDOWS\WinSxS
2016-01-15 02:43:42 ----D---- C:\WINDOWS\SysWOW64
2016-01-15 02:43:41 ----D---- C:\WINDOWS\system32\Boot
2016-01-15 02:43:41 ----D---- C:\WINDOWS\system32\appraiser
2016-01-15 02:43:41 ----D---- C:\WINDOWS\AppPatch
2016-01-15 02:41:07 ----D---- C:\WINDOWS\CbsTemp
2016-01-15 02:39:49 ----SHD---- C:\System Volume Information
2016-01-15 02:38:35 ----D---- C:\WINDOWS\system32\restore
2016-01-15 02:34:29 ----D---- C:\WINDOWS\system32\catroot2
2016-01-15 02:25:23 ----D---- C:\WINDOWS\system32\WDI
2016-01-15 00:18:51 ----RD---- C:\WINDOWS\DevicesFlow
2016-01-15 00:02:30 ----D---- C:\WINDOWS\rescache
2016-01-15 00:01:24 ----RD---- C:\WINDOWS\PrintDialog
2016-01-15 00:01:21 ----RD---- C:\WINDOWS\MiracastView
2016-01-15 00:00:44 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-01-14 23:58:15 ----SD---- C:\ProgramData\Microsoft
2016-01-14 23:57:24 ----D---- C:\WINDOWS\system32\WinBioDatabase
2016-01-14 23:57:03 ----D---- C:\WINDOWS\SoftwareDistribution
2016-01-14 23:54:09 ----D---- C:\WINDOWS\Registration
2016-01-14 23:47:29 ----D---- C:\WINDOWS\system32\LogFiles
2016-01-14 23:47:09 ----D---- C:\WINDOWS\Tasks
2016-01-14 23:46:33 ----RSD---- C:\WINDOWS\Media
2016-01-14 23:46:20 ----D---- C:\WINDOWS\system32\drivers\etc
2016-01-14 23:45:58 ----D---- C:\WINDOWS\system32\wbem
2016-01-14 23:40:07 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-01-14 23:40:06 ----D---- C:\WINDOWS\ShellNew
2016-01-14 23:40:06 ----D---- C:\WINDOWS\LiveKernelReports
2016-01-14 23:36:16 ----D---- C:\WINDOWS\twain_32
2016-01-14 23:36:15 ----D---- C:\WINDOWS\SYSWOW64\WCN
2016-01-14 23:36:14 ----D---- C:\WINDOWS\SYSWOW64\slmgr
2016-01-14 23:36:14 ----D---- C:\WINDOWS\SYSWOW64\migwiz
2016-01-14 23:36:13 ----D---- C:\WINDOWS\SYSWOW64\IME
2016-01-14 23:36:12 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-01-14 23:36:06 ----D---- C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-01-14 23:36:06 ----D---- C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-01-14 23:36:06 ----D---- C:\WINDOWS\system32\WCN
2016-01-14 23:36:06 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-01-14 23:36:06 ----D---- C:\WINDOWS\system32\spool
2016-01-14 23:36:04 ----D---- C:\WINDOWS\system32\slmgr
2016-01-14 23:36:03 ----D---- C:\WINDOWS\system32\oobe
2016-01-14 23:36:02 ----D---- C:\WINDOWS\system32\NDF
2016-01-14 23:36:02 ----D---- C:\WINDOWS\system32\MRT
2016-01-14 23:36:02 ----D---- C:\WINDOWS\system32\InputMethod
2016-01-14 23:36:02 ----D---- C:\WINDOWS\system32\IME
2016-01-14 23:36:02 ----D---- C:\WINDOWS\system32\en-US
2016-01-14 23:34:59 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-01-14 23:34:59 ----D---- C:\WINDOWS\system32\CatRoot
2016-01-14 23:34:54 ----RD---- C:\WINDOWS\PurchaseDialog
2016-01-14 23:34:47 ----D---- C:\WINDOWS\InputMethod
2016-01-14 23:34:42 ----RSD---- C:\WINDOWS\Fonts
2016-01-14 23:34:41 ----HD---- C:\WINDOWS\ELAMBKUP
2016-01-14 23:34:41 ----D---- C:\WINDOWS\ADFS
2016-01-14 23:34:37 ----RD---- C:\Users
2016-01-14 23:34:37 ----D---- C:\ProgramData\USOPrivate
2016-01-14 23:34:36 ----D---- C:\ProgramData\SoftwareDistribution
2016-01-14 23:34:23 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-01-14 23:34:23 ----D---- C:\Program Files (x86)\Windows Mail
2016-01-14 23:34:22 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-01-14 23:34:21 ----D---- C:\Program Files (x86)\Common Files
2016-01-14 23:34:18 ----D---- C:\Program Files\Windows Photo Viewer
2016-01-14 23:34:18 ----D---- C:\Program Files\Windows Mail
2016-01-14 23:34:18 ----D---- C:\Program Files\Windows Journal
2016-01-14 23:34:17 ----D---- C:\Program Files\Common Files\microsoft shared
2016-01-14 23:34:11 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-01-14 23:33:47 ----D---- C:\WINDOWS\system32\Recovery
2016-01-14 23:33:47 ----D---- C:\WINDOWS\system32\GroupPolicy
2016-01-14 23:30:46 ----D---- C:\WINDOWS\system32\Sysprep
2016-01-14 23:28:34 ----D---- C:\WINDOWS\System
2016-01-14 23:24:18 ----D---- C:\WINDOWS\ServiceProfiles
2016-01-14 23:18:44 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-01-14 23:18:44 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-01-14 23:18:43 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-01-14 23:18:41 ----D---- C:\WINDOWS\system32\sk-SK
2016-01-14 23:18:41 ----D---- C:\WINDOWS\system32\migration
2016-01-14 23:18:41 ----D---- C:\WINDOWS\system32\Dism
2016-01-14 23:18:41 ----D---- C:\WINDOWS\Provisioning
2016-01-14 23:18:40 ----D---- C:\WINDOWS\bcastdvr
2016-01-14 23:18:40 ----D---- C:\Program Files\Internet Explorer
2016-01-14 23:18:40 ----D---- C:\Program Files (x86)\Internet Explorer
2016-01-14 22:52:15 ----HD---- C:\$WINDOWS.~BT
2016-01-14 22:43:29 ----A---- C:\WINDOWS\system32\MRT.exe
2016-01-14 22:43:24 ----D---- C:\ProgramData\Microsoft Help
2016-01-14 22:41:18 ----A---- C:\WINDOWS\win.ini
2016-01-14 19:52:55 ----D---- C:\ProgramData\AVAST Software
2016-01-11 17:16:38 ----A---- C:\WINDOWS\Setup1.exe
2016-01-11 17:16:37 ----A---- C:\WINDOWS\ST6UNST.EXE
2016-01-10 16:37:49 ----D---- C:\Program Files\CCleaner
2016-01-04 17:16:07 ----D---- C:\ProgramData\Lenovo
2016-01-04 17:16:02 ----D---- C:\Program Files (x86)\Lenovo
2016-01-04 17:15:59 ----D---- C:\Program Files\Lenovo
2016-01-04 17:15:36 ----D---- C:\WINDOWS\Downloaded Installations
2016-01-03 02:40:25 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-07-14 251632]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-11-20 69840]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2012-10-05 39008]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-11-20 263528]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-11-20 186784]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2015-11-20 206312]
R1 EpfwLWF;@oem26.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-11-20 52872]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2015-11-20 142976]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 ACPIVPC;@oem18.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2012-10-05 33560]
R3 AmUStor;@oem20.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2012-06-13 100992]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwnx.sys [2015-10-30 4207104]
R3 ETD;@oem15.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-12 525512]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-07-03 4074256]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2015-10-30 121344]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-01-18 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-10-05 64216]
R3 MEIx64;@oem17.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2015-11-20 14976]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-01-14 117248]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-10-30 254816]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\WINDOWS\System32\drivers\usbser.sys [2015-10-30 67072]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2015-11-20 2522616]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-12 144072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-17 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-17 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 276864]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]
R2 OneSyncSvc_1e15f01;Sync Host_1e15f01; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 364416]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-04 107848]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-04 107848]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-12-10 272864]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1e15f01;MessagingService_1e15f01; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1e15f01;Kontaktné údaje_1e15f01; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2015-11-11 21536]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_1e15f01;Ukladací priestor používateľských údajov_1e15f01; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 UserDataSvc_1e15f01;Prístup k používateľským údajom_1e15f01; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC AFTER THE FACEBOOK VIRUS

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
