PC virus removal, computer speed-up, remote help via the neslape.cz service

Please check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

TheKicoman
Visitor
Posts: 37
Registered: 14 Dec 2009 16:43

#1 Post by TheKicoman »

Logfile of random's system information tool 1.10 (written by random/random)
Run by User at 2018-03-30 10:06:46
Microsoft Windows 8.1
System drive C: has 220 GB (24%) free of 913 GB
Total RAM: 8104 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:06:52, on 30. 3. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [DSATray] C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @oem39.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: Intel(R) Driver & Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
O23 - Service: TESHelper - Lenovo - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13509 bytes

======Listing Processes======





wininit.exe


C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 759992516144

\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
C:\windows\System32\svchost.exe -k utcsvc
dashost.exe {e7b8028d-ecf8-4af8-b8642e23e3bf0906}
"C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe" -Embedding
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe"
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-be586c6e-ce22-440c-8fe3-3c433638fa1f -SystemEventPortName:HostProcess-ed894ce2-5035-471b-a9d9-0f8580fad855 -IoCancelEventPortName:HostProcess-d473e695-c7d1-4051-8fcf-5da8f244519d -NonStateChangingEventPortName:HostProcess-23dd5969-6d6c-4b9d-9636-e1ca89ed4837 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ab1bda29-0a09-4ba0-ab51-19772c24dcab -DeviceGroupId:WudfDefaultDevicePool
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
adb fork-server server
taskhost.exe $(Arg0)
"C:\ProgramData\Lenovo App Services\Engine\LenovoAppServices.exe"

C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\windows\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe" 1 1 1 1
taskhostex.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe" -start
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe"
AvastUI.exe /nogui
"C:\windows\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Users\User\AppData\Local\Apps\2.0\Q141OBD6.5OR\GDOWN71B.3AX\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\User\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=65.0.3325.181 --initial-client-data=0x11c,0x120,0x124,0x118,0x128,0x7ffd48d9f1e8,0x7ffd48d9f1f8,0x7ffd48d9f208
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5928 --on-initialized-event-handle=480 --parent-handle=484 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1528,13900759150627395210,2146490165095118019,131072 --gpu-preferences=KAAAAAAAAAAABwAAAQAAAAAAAAAAAGAAAQAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.14.4029 --gpu-driver-date=11-18-2014 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x139b --service-request-channel-token=7EE5FA51312B391EEE9189C51DD6B78C --mojo-platform-channel-handle=1556 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1528,13900759150627395210,2146490165095118019,131072 --service-pipe-token=ED0FF583731C1BF52E821EADE06261B0 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=ED0FF583731C1BF52E821EADE06261B0 --renderer-client-id=3 --mojo-platform-channel-handle=2824 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1528,13900759150627395210,2146490165095118019,131072 --service-pipe-token=FE236CA72946AD24E862A95FE9E74778 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=FE236CA72946AD24E862A95FE9E74778 --renderer-client-id=4 --mojo-platform-channel-handle=2816 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1528,13900759150627395210,2146490165095118019,131072 --service-pipe-token=4DF8EFEFDAEDF52AAAD1D73231ED6E0A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=4DF8EFEFDAEDF52AAAD1D73231ED6E0A --renderer-client-id=11 --mojo-platform-channel-handle=5108 /prefetch:1
"C:\windows\System32\Taskmgr.exe" /3

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1528,13900759150627395210,2146490165095118019,131072 --service-pipe-token=7838D9514E4D5D1B7D4B0373EF4E092A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=7838D9514E4D5D1B7D4B0373EF4E092A --renderer-client-id=52 --mojo-platform-channel-handle=6300 /prefetch:1
"C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe" --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller winlogon
"C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe" --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d
"C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe" --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1528,13900759150627395210,2146490165095118019,131072 --service-pipe-token=74BB7B60E489E3837181E1DD64D9C3C4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=74BB7B60E489E3837181E1DD64D9C3C4 --renderer-client-id=60 --mojo-platform-channel-handle=8096 /prefetch:1
C:\windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1528,13900759150627395210,2146490165095118019,131072 --service-pipe-token=29578850BEBB6AA96960D33179445224 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=29578850BEBB6AA96960D33179445224 --renderer-client-id=72 --mojo-platform-channel-handle=5032 /prefetch:1

"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Users\User\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25 1429728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-12-13 229064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-02-18 938712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25 1056992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-30 474688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-18 812248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-11-15 1743664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-30 188992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25 1429728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25 1056992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"=C:\windows\RTFTrack.exe [2014-06-10 6340312]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24 13667032]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-05 1379544]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-05 1379544]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-05 1379544]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-09-15 4196432]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2016-09-19 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2016-09-19 16093512]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2016-09-19 8235848]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-03-12 3276104]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-07-14 303928]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-03-27 245608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2018-03-27 3198752]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
"DSATray"=C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [2018-03-15 135968]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19 587288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-03-30 10:06:46 ----D---- C:\rsit
2018-03-30 10:06:46 ----D---- C:\Program Files\trend micro
2018-03-29 21:05:18 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2018-03-28 20:53:38 ----D---- C:\Program Files (x86)\Intel Driver and Support Assistant
2018-03-28 18:41:44 ----A---- C:\windows\system32\aspnet_counters.dll
2018-03-28 18:41:40 ----A---- C:\windows\system32\msvcr100_clr0400.dll
2018-03-28 18:41:36 ----A---- C:\windows\SYSWOW64\aspnet_counters.dll
2018-03-28 18:41:31 ----A---- C:\windows\SYSWOW64\msvcr100_clr0400.dll
2018-03-28 18:02:00 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2018-03-28 18:01:59 ----A---- C:\windows\SYSWOW64\vbscript.dll
2018-03-28 18:01:59 ----A---- C:\windows\SYSWOW64\urlmon.dll
2018-03-28 18:01:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2018-03-28 18:01:59 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2018-03-28 18:01:59 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2018-03-28 18:01:59 ----A---- C:\windows\system32\wow64cpu.dll
2018-03-28 18:01:59 ----A---- C:\windows\system32\ie4uinit.exe
2018-03-28 18:01:58 ----A---- C:\windows\SYSWOW64\ntdll.dll
2018-03-28 18:01:58 ----A---- C:\windows\SYSWOW64\jscript.dll
2018-03-28 18:01:58 ----A---- C:\windows\SYSWOW64\iertutil.dll
2018-03-28 18:01:58 ----A---- C:\windows\SYSWOW64\ieframe.dll
2018-03-28 18:01:58 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2018-03-28 18:01:58 ----A---- C:\windows\system32\wow64.dll
2018-03-28 18:01:58 ----A---- C:\windows\system32\vbscript.dll
2018-03-28 18:01:58 ----A---- C:\windows\system32\urlmon.dll
2018-03-28 18:01:58 ----A---- C:\windows\system32\msfeeds.dll
2018-03-28 18:01:58 ----A---- C:\windows\system32\iedkcs32.dll
2018-03-28 18:01:57 ----A---- C:\windows\SYSWOW64\wininet.dll
2018-03-28 18:01:57 ----A---- C:\windows\SYSWOW64\webcheck.dll
2018-03-28 18:01:57 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2018-03-28 18:01:57 ----A---- C:\windows\SYSWOW64\jscript9.dll
2018-03-28 18:01:57 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2018-03-28 18:01:57 ----A---- C:\windows\SYSWOW64\ieui.dll
2018-03-28 18:01:57 ----A---- C:\windows\system32\iertutil.dll
2018-03-28 18:01:56 ----A---- C:\windows\system32\ntdll.dll
2018-03-28 18:01:56 ----A---- C:\windows\system32\jscript.dll
2018-03-28 18:01:56 ----A---- C:\windows\system32\hal.dll
2018-03-28 18:01:56 ----A---- C:\windows\system32\dxtrans.dll
2018-03-28 18:01:55 ----A---- C:\windows\system32\webcheck.dll
2018-03-28 18:01:55 ----A---- C:\windows\system32\jscript9.dll
2018-03-28 18:01:55 ----A---- C:\windows\system32\ieframe.dll
2018-03-28 18:01:54 ----A---- C:\windows\system32\win32k.sys
2018-03-28 18:01:54 ----A---- C:\windows\system32\MshtmlDac.dll
2018-03-28 18:01:54 ----A---- C:\windows\system32\ieui.dll
2018-03-28 18:01:53 ----A---- C:\windows\system32\wininet.dll
2018-03-28 18:01:53 ----A---- C:\windows\system32\inetcomm.dll
2018-03-28 18:01:52 ----A---- C:\windows\system32\ntoskrnl.exe
2018-03-28 18:01:52 ----A---- C:\windows\system32\drivers\http.sys
2018-03-28 18:01:51 ----A---- C:\windows\SYSWOW64\rascfg.dll
2018-03-28 18:01:51 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2018-03-28 18:01:51 ----A---- C:\windows\system32\wevtsvc.dll
2018-03-28 18:01:51 ----A---- C:\windows\system32\rascfg.dll
2018-03-28 18:01:51 ----A---- C:\windows\system32\nshwfp.dll
2018-03-28 18:01:51 ----A---- C:\windows\system32\mshtml.dll
2018-03-28 18:01:51 ----A---- C:\windows\system32\drivers\afd.sys
2018-03-28 18:01:50 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2018-03-28 18:01:50 ----A---- C:\windows\SYSWOW64\advapi32.dll
2018-03-28 18:01:50 ----A---- C:\windows\system32\drivers\srvnet.sys
2018-03-28 18:01:49 ----A---- C:\windows\SYSWOW64\msrating.dll
2018-03-28 18:01:49 ----A---- C:\windows\system32\drivers\srv2.sys
2018-03-28 18:01:49 ----A---- C:\windows\system32\drivers\srv.sys
2018-03-28 18:01:49 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2018-03-28 18:01:48 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2018-03-28 18:01:48 ----A---- C:\windows\system32\IKEEXT.DLL
2018-03-28 18:01:48 ----A---- C:\windows\system32\dxtmsft.dll
2018-03-28 18:01:48 ----A---- C:\windows\system32\drivers\msiscsi.sys
2018-03-28 18:01:48 ----A---- C:\windows\system32\advapi32.dll
2018-03-28 18:01:47 ----A---- C:\windows\system32\msrating.dll
2018-03-28 18:01:47 ----A---- C:\windows\system32\lsasrv.dll
2018-03-28 18:01:47 ----A---- C:\windows\system32\drivers\tcpip.sys
2018-03-28 18:01:47 ----A---- C:\windows\system32\appinfo.dll
2018-03-28 18:01:46 ----A---- C:\windows\system32\wmp.dll
2018-03-28 18:01:46 ----A---- C:\windows\system32\shell32.dll
2018-03-28 18:01:46 ----A---- C:\windows\system32\rpcrt4.dll
2018-03-28 18:01:46 ----A---- C:\windows\system32\drivers\ntfs.sys
2018-03-28 18:01:44 ----A---- C:\windows\SYSWOW64\wmp.dll
2018-03-28 18:01:42 ----A---- C:\windows\SYSWOW64\shell32.dll
2018-03-28 18:01:41 ----A---- C:\windows\SYSWOW64\bcryptprimitives.dll
2018-03-28 18:01:41 ----A---- C:\windows\system32\winresume.exe
2018-03-28 18:01:41 ----A---- C:\windows\system32\drivers\cng.sys
2018-03-28 18:01:41 ----A---- C:\windows\system32\bcryptprimitives.dll
2018-03-28 18:01:40 ----A---- C:\windows\system32\winload.exe
2018-03-28 18:01:39 ----A---- C:\windows\SYSWOW64\iepeers.dll
2018-03-28 18:01:39 ----A---- C:\windows\SYSWOW64\authui.dll
2018-03-28 18:01:39 ----A---- C:\windows\system32\Windows.Data.Pdf.dll
2018-03-28 18:01:39 ----A---- C:\windows\system32\jscript9diag.dll
2018-03-28 18:01:39 ----A---- C:\windows\system32\iepeers.dll
2018-03-28 18:01:39 ----A---- C:\windows\system32\ieetwproxystub.dll
2018-03-28 18:01:39 ----A---- C:\windows\system32\ieetwcollector.exe
2018-03-28 18:01:39 ----A---- C:\windows\system32\glcndFilter.dll
2018-03-28 18:01:39 ----A---- C:\windows\system32\authui.dll
2018-03-28 18:01:37 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2018-03-28 18:01:37 ----A---- C:\windows\SYSWOW64\glcndFilter.dll
2018-03-28 18:01:37 ----A---- C:\windows\system32\xpsrchvw.exe
2018-03-28 18:01:37 ----A---- C:\windows\system32\MSVidCtl.dll
2018-03-28 18:01:36 ----A---- C:\windows\SYSWOW64\Windows.Data.Pdf.dll
2018-03-28 18:01:36 ----A---- C:\windows\system32\wuaueng.dll
2018-03-28 18:01:36 ----A---- C:\windows\system32\mmcndmgr.dll
2018-03-28 18:01:35 ----A---- C:\windows\system32\msxml6.dll
2018-03-28 18:01:34 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2018-03-28 18:01:34 ----A---- C:\windows\system32\rdpcorets.dll
2018-03-28 18:01:34 ----A---- C:\windows\system32\inseng.dll
2018-03-28 18:01:34 ----A---- C:\windows\system32\ieapfltr.dll
2018-03-28 18:01:34 ----A---- C:\windows\system32\actxprxy.dll
2018-03-28 18:01:32 ----A---- C:\windows\SYSWOW64\xpsrchvw.exe
2018-03-28 18:01:32 ----A---- C:\windows\SYSWOW64\msxml6.dll
2018-03-28 18:01:32 ----A---- C:\windows\SYSWOW64\MSVidCtl.dll
2018-03-28 18:01:32 ----A---- C:\windows\SYSWOW64\msi.dll
2018-03-28 18:01:32 ----A---- C:\windows\SYSWOW64\msftedit.dll
2018-03-28 18:01:32 ----A---- C:\windows\SYSWOW64\mmcndmgr.dll
2018-03-28 18:01:32 ----A---- C:\windows\SYSWOW64\mmc.exe
2018-03-28 18:01:32 ----A---- C:\windows\system32\msi.dll
2018-03-28 18:01:32 ----A---- C:\windows\system32\msftedit.dll
2018-03-28 18:01:32 ----A---- C:\windows\system32\mmc.exe
2018-03-28 18:01:31 ----A---- C:\windows\system32\tquery.dll
2018-03-28 18:01:30 ----A---- C:\windows\SYSWOW64\WsmSvc.dll
2018-03-28 18:01:30 ----A---- C:\windows\SYSWOW64\combase.dll
2018-03-28 18:01:30 ----A---- C:\windows\system32\termsrv.dll
2018-03-28 18:01:30 ----A---- C:\windows\system32\kerberos.dll
2018-03-28 18:01:29 ----A---- C:\windows\SYSWOW64\tquery.dll
2018-03-28 18:01:29 ----A---- C:\windows\system32\WsmSvc.dll
2018-03-28 18:01:28 ----A---- C:\windows\system32\sysmain.dll
2018-03-28 18:01:28 ----A---- C:\windows\system32\schedsvc.dll
2018-03-28 18:01:28 ----A---- C:\windows\system32\ole32.dll
2018-03-28 18:01:28 ----A---- C:\windows\system32\localspl.dll
2018-03-28 18:01:28 ----A---- C:\windows\system32\KernelBase.dll
2018-03-28 18:01:28 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2018-03-28 18:01:28 ----A---- C:\windows\system32\combase.dll
2018-03-28 18:01:28 ----A---- C:\windows\system32\certcli.dll
2018-03-28 18:01:27 ----A---- C:\windows\SYSWOW64\kerberos.dll
2018-03-28 18:01:27 ----A---- C:\windows\SYSWOW64\certcli.dll
2018-03-28 18:01:26 ----A---- C:\windows\SYSWOW64\winhttp.dll
2018-03-28 18:01:26 ----A---- C:\windows\SYSWOW64\StructuredQuery.dll
2018-03-28 18:01:26 ----A---- C:\windows\system32\winhttp.dll
2018-03-28 18:01:26 ----A---- C:\windows\system32\uxtheme.dll
2018-03-28 18:01:26 ----A---- C:\windows\system32\StructuredQuery.dll
2018-03-28 18:01:26 ----A---- C:\windows\system32\rpcss.dll
2018-03-28 18:01:26 ----A---- C:\windows\system32\MPSSVC.dll
2018-03-28 18:01:26 ----A---- C:\windows\system32\certutil.exe
2018-03-28 18:01:25 ----A---- C:\windows\SYSWOW64\uxtheme.dll
2018-03-28 18:01:25 ----A---- C:\windows\system32\pcasvc.dll
2018-03-28 18:01:24 ----A---- C:\windows\SYSWOW64\ucrtbase.dll
2018-03-28 18:01:24 ----A---- C:\windows\SYSWOW64\ole32.dll
2018-03-28 18:01:24 ----A---- C:\windows\system32\ucrtbase.dll
2018-03-28 18:01:24 ----A---- C:\windows\system32\puiobj.dll
2018-03-28 18:01:24 ----A---- C:\windows\system32\mshtmled.dll
2018-03-28 18:01:24 ----A---- C:\windows\system32\drivers\usbhub.sys
2018-03-28 18:01:24 ----A---- C:\windows\system32\drivers\pci.sys
2018-03-28 18:01:23 ----A---- C:\windows\SYSWOW64\setup16.exe
2018-03-28 18:01:23 ----A---- C:\windows\SYSWOW64\certutil.exe
2018-03-28 18:01:23 ----A---- C:\windows\system32\rdpclip.exe
2018-03-28 18:01:23 ----A---- C:\windows\system32\ncsi.dll
2018-03-28 18:01:23 ----A---- C:\windows\system32\drivers\wanarp.sys
2018-03-28 18:01:23 ----A---- C:\windows\system32\drivers\usbccgp.sys
2018-03-28 18:01:23 ----A---- C:\windows\system32\drivers\rdyboost.sys
2018-03-28 18:01:23 ----A---- C:\windows\system32\drivers\ndproxy.sys
2018-03-28 18:01:23 ----A---- C:\windows\system32\drivers\fltMgr.sys
2018-03-28 18:01:22 ----A---- C:\windows\system32\winlogon.exe
2018-03-28 18:01:22 ----A---- C:\windows\system32\drivers\msrpc.sys
2018-03-28 18:01:21 ----A---- C:\windows\system32\scesrv.dll
2018-03-28 18:01:20 ----A---- C:\windows\SYSWOW64\scesrv.dll
2018-03-28 18:01:20 ----A---- C:\windows\SYSWOW64\puiobj.dll
2018-03-28 18:01:20 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2018-03-28 18:01:20 ----A---- C:\windows\system32\WinSCard.dll
2018-03-28 18:01:20 ----A---- C:\windows\system32\wcncsvc.dll
2018-03-28 18:01:20 ----A---- C:\windows\system32\spoolsv.exe
2018-03-28 18:01:20 ----A---- C:\windows\system32\nlasvc.dll
2018-03-28 18:01:20 ----A---- C:\windows\system32\drivers\fvevol.sys
2018-03-28 18:01:20 ----A---- C:\windows\system32\drivers\acpi.sys
2018-03-28 18:01:20 ----A---- C:\windows\system32\cryptnet.dll
2018-03-28 18:01:20 ----A---- C:\windows\system32\BFE.DLL
2018-03-28 18:01:20 ----A---- C:\windows\system32\atmfd.dll
2018-03-28 18:01:19 ----A---- C:\windows\SYSWOW64\WinSCard.dll
2018-03-28 18:01:19 ----A---- C:\windows\SYSWOW64\PCPTpm12.dll
2018-03-28 18:01:19 ----A---- C:\windows\SYSWOW64\msexcl40.dll
2018-03-28 18:01:19 ----A---- C:\windows\SYSWOW64\iprtrmgr.dll
2018-03-28 18:01:19 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2018-03-28 18:01:19 ----A---- C:\windows\SYSWOW64\atmfd.dll
2018-03-28 18:01:19 ----A---- C:\windows\system32\TSpkg.dll
2018-03-28 18:01:19 ----A---- C:\windows\system32\SCardSvr.dll
2018-03-28 18:01:19 ----A---- C:\windows\system32\PCPTpm12.dll
2018-03-28 18:01:19 ----A---- C:\windows\system32\drivers\storport.sys
2018-03-28 18:01:19 ----A---- C:\windows\system32\drivers\luafv.sys
2018-03-28 18:01:19 ----A---- C:\windows\system32\drivers\cdrom.sys
2018-03-28 18:01:18 ----A---- C:\windows\SYSWOW64\Windows.Storage.ApplicationData.dll
2018-03-28 18:01:18 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2018-03-28 18:01:18 ----A---- C:\windows\system32\UXInit.dll
2018-03-28 18:01:18 ----A---- C:\windows\system32\msra.exe
2018-03-28 18:01:18 ----A---- C:\windows\system32\drivers\clfs.sys
2018-03-28 18:01:17 ----A---- C:\windows\system32\drivers\pacer.sys
2018-03-28 18:01:16 ----A---- C:\windows\SYSWOW64\P2P.dll
2018-03-28 18:01:16 ----A---- C:\windows\system32\p2psvc.dll
2018-03-28 18:01:16 ----A---- C:\windows\system32\iprtrmgr.dll
2018-03-28 18:01:15 ----A---- C:\windows\SYSWOW64\UXInit.dll
2018-03-28 18:01:15 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2018-03-28 18:01:15 ----A---- C:\windows\system32\wlansvc.dll
2018-03-28 18:01:15 ----A---- C:\windows\system32\WinTypes.dll
2018-03-28 18:01:15 ----A---- C:\windows\system32\Windows.Storage.ApplicationData.dll
2018-03-28 18:01:15 ----A---- C:\windows\system32\WcnApi.dll
2018-03-28 18:01:15 ----A---- C:\windows\system32\puiapi.dll
2018-03-28 18:01:15 ----A---- C:\windows\system32\prnntfy.dll
2018-03-28 18:01:15 ----A---- C:\windows\system32\pnrpsvc.dll
2018-03-28 18:01:15 ----A---- C:\windows\system32\P2P.dll
2018-03-28 18:01:15 ----A---- C:\windows\system32\nlaapi.dll
2018-03-28 18:01:15 ----A---- C:\windows\system32\mmcbase.dll
2018-03-28 18:01:15 ----A---- C:\windows\system32\itss.dll
2018-03-28 18:01:15 ----A---- C:\windows\system32\drivers\wfplwfs.sys
2018-03-28 18:01:14 ----A---- C:\windows\SYSWOW64\mmcbase.dll
2018-03-28 18:01:14 ----A---- C:\windows\SYSWOW64\itss.dll
2018-03-28 18:01:14 ----A---- C:\windows\SYSWOW64\cic.dll
2018-03-28 18:01:14 ----A---- C:\windows\system32\regsvc.dll
2018-03-28 18:01:14 ----A---- C:\windows\system32\fontsub.dll
2018-03-28 18:01:14 ----A---- C:\windows\system32\fdWCN.dll
2018-03-28 18:01:14 ----A---- C:\windows\system32\drivers\usbport.sys
2018-03-28 18:01:14 ----A---- C:\windows\system32\drivers\ULIAGPKX.SYS
2018-03-28 18:01:14 ----A---- C:\windows\system32\drivers\NV_AGP.SYS
2018-03-28 18:01:14 ----A---- C:\windows\system32\drivers\BasicRender.sys
2018-03-28 18:01:14 ----A---- C:\windows\system32\drivers\appid.sys
2018-03-28 18:01:13 ----A---- C:\windows\SYSWOW64\zipfldr.dll
2018-03-28 18:01:13 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2018-03-28 18:01:13 ----A---- C:\windows\SYSWOW64\fontsub.dll
2018-03-28 18:01:13 ----A---- C:\windows\system32\zipfldr.dll
2018-03-28 18:01:13 ----A---- C:\windows\system32\wuauclt.exe
2018-03-28 18:01:13 ----A---- C:\windows\system32\drivers\msisadrv.sys
2018-03-28 18:01:13 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2018-03-28 18:01:13 ----A---- C:\windows\system32\drivers\isapnp.sys
2018-03-28 18:01:13 ----A---- C:\windows\system32\drivers\hidparse.sys
2018-03-28 18:01:13 ----A---- C:\windows\system32\drivers\AGP440.sys
2018-03-28 18:01:12 ----A---- C:\windows\SYSWOW64\fdWCN.dll
2018-03-28 18:01:12 ----A---- C:\windows\system32\drivers\rdbss.sys
2018-03-28 18:01:12 ----A---- C:\windows\system32\drivers\dfsc.sys
2018-03-28 18:01:10 ----A---- C:\windows\SYSWOW64\wow32.dll
2018-03-28 18:01:10 ----A---- C:\windows\SYSWOW64\mgmtapi.dll
2018-03-28 18:01:10 ----A---- C:\windows\SYSWOW64\FirewallAPI.dll
2018-03-28 18:01:10 ----A---- C:\windows\SYSWOW64\certenc.dll
2018-03-28 18:01:10 ----A---- C:\windows\system32\mgmtapi.dll
2018-03-28 18:01:10 ----A---- C:\windows\system32\drivers\netbios.sys
2018-03-28 18:01:10 ----A---- C:\windows\system32\cic.dll
2018-03-28 18:01:10 ----A---- C:\windows\system32\certenc.dll
2018-03-28 18:01:09 ----A---- C:\windows\SYSWOW64\prnntfy.dll
2018-03-28 18:01:09 ----A---- C:\windows\SYSWOW64\mmcshext.dll
2018-03-28 18:01:09 ----A---- C:\windows\SYSWOW64\compstui.dll
2018-03-28 18:01:09 ----A---- C:\windows\system32\rfxvmt.dll
2018-03-28 18:01:09 ----A---- C:\windows\system32\pcalua.exe
2018-03-28 18:01:09 ----A---- C:\windows\system32\credssp.dll
2018-03-28 18:01:09 ----A---- C:\windows\system32\compstui.dll
2018-03-28 18:01:07 ----A---- C:\windows\system32\SCardDlg.dll
2018-03-28 18:01:07 ----A---- C:\windows\system32\drivers\nwifi.sys
2018-03-28 18:01:06 ----A---- C:\windows\SYSWOW64\WsmWmiPl.dll
2018-03-28 18:01:06 ----A---- C:\windows\SYSWOW64\WcnApi.dll
2018-03-28 18:01:06 ----A---- C:\windows\SYSWOW64\puiapi.dll
2018-03-28 18:01:06 ----A---- C:\windows\SYSWOW64\credssp.dll
2018-03-28 18:01:06 ----A---- C:\windows\system32\WsmWmiPl.dll
2018-03-28 18:01:06 ----A---- C:\windows\system32\mmcshext.dll
2018-03-28 18:01:06 ----A---- C:\windows\system32\icfupgd.dll
2018-03-28 18:01:06 ----A---- C:\windows\system32\FirewallAPI.dll
2018-03-28 18:01:01 ----A---- C:\windows\SYSWOW64\atmlib.dll
2018-03-28 18:01:01 ----A---- C:\windows\system32\drivers\scfilter.sys
2018-03-28 18:01:01 ----A---- C:\windows\system32\atmlib.dll
2018-03-28 17:59:49 ----A---- C:\windows\system32\aitstatic.exe
2018-03-28 17:59:48 ----A---- C:\windows\system32\appraiser.dll
2018-03-28 17:59:48 ----A---- C:\windows\system32\acmigration.dll
2018-03-28 17:59:46 ----A---- C:\windows\system32\devinv.dll
2018-03-28 17:59:46 ----A---- C:\windows\system32\CompatTelRunner.exe
2018-03-28 17:59:46 ----A---- C:\windows\system32\aepic.dll
2018-03-28 17:59:46 ----A---- C:\windows\system32\aeinv.dll
2018-03-28 17:59:45 ----A---- C:\windows\system32\generaltel.dll
2018-03-28 17:59:45 ----A---- C:\windows\system32\centel.dll
2018-03-28 17:59:44 ----A---- C:\windows\system32\invagent.dll
2018-03-28 17:44:54 ----D---- C:\Program Files\CCleaner
2018-03-27 22:18:37 ----A---- C:\windows\system32\aswBoot.exe
2018-03-27 14:44:21 ----D---- C:\Program Files (x86)\Steel Division Normandy 44

======List of files/folders modified in the last 1 month======

2018-03-30 10:06:52 ----D---- C:\windows\Prefetch
2018-03-30 10:06:46 ----RD---- C:\Program Files
2018-03-30 10:05:06 ----SHD---- C:\windows\Installer
2018-03-30 10:05:06 ----D---- C:\windows\Temp
2018-03-30 10:05:05 ----SHD---- C:\Config.Msi
2018-03-30 10:05:05 ----D---- C:\Program Files (x86)\Java
2018-03-30 10:05:04 ----D---- C:\windows\SysWOW64
2018-03-30 10:04:30 ----D---- C:\Program Files (x86)\Common Files
2018-03-30 10:03:31 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2018-03-30 10:00:00 ----D---- C:\windows\system32\sru
2018-03-30 09:43:23 ----D---- C:\Program Files (x86)\Steam
2018-03-29 21:24:28 ----D---- C:\ProgramData\Lenovo App Services
2018-03-29 21:23:24 ----D---- C:\windows\Microsoft.NET
2018-03-29 21:20:14 ----D---- C:\windows\system32\config
2018-03-29 21:07:20 ----D---- C:\windows\Inf
2018-03-29 21:07:20 ----AD---- C:\windows\System32
2018-03-29 21:07:20 ----A---- C:\windows\system32\PerfStringBackup.INI
2018-03-29 21:05:21 ----D---- C:\windows\WinSxS
2018-03-29 21:03:37 ----D---- C:\windows\system32\DriverStore
2018-03-29 21:00:59 ----D---- C:\ProgramData\NVIDIA
2018-03-29 20:57:26 ----D---- C:\ProgramData\Foxit Software
2018-03-29 20:56:42 ----AD---- C:\Windows
2018-03-29 20:52:58 ----D---- C:\windows\SYSWOW64\en-US
2018-03-29 20:52:58 ----D---- C:\windows\system32\en-US
2018-03-29 20:52:57 ----D---- C:\windows\system32\appraiser
2018-03-29 20:52:56 ----RD---- C:\windows\ToastData
2018-03-29 20:52:56 ----D---- C:\windows\apppatch
2018-03-29 20:52:32 ----D---- C:\Program Files\Internet Explorer
2018-03-29 20:52:32 ----D---- C:\Program Files (x86)\Internet Explorer
2018-03-29 20:52:31 ----D---- C:\windows\SYSWOW64\cs-CZ
2018-03-29 20:52:26 ----D---- C:\windows\system32\wbem
2018-03-29 20:52:26 ----D---- C:\windows\system32\drivers
2018-03-29 20:52:26 ----D---- C:\windows\system32\cs-CZ
2018-03-29 20:52:26 ----D---- C:\windows\system32\Boot
2018-03-29 20:36:20 ----RSD---- C:\windows\assembly
2018-03-29 16:59:07 ----D---- C:\windows\system32\Tasks
2018-03-29 16:59:07 ----D---- C:\ProgramData\Intel
2018-03-28 20:53:45 ----D---- C:\ProgramData\Package Cache
2018-03-28 20:53:38 ----RD---- C:\Program Files (x86)
2018-03-28 20:53:01 ----D---- C:\Program Files\Intel
2018-03-28 20:52:32 ----SHD---- C:\System Volume Information
2018-03-28 18:50:00 ----D---- C:\windows\CbsTemp
2018-03-28 18:44:03 ----D---- C:\windows\system32\catroot2
2018-03-28 18:40:47 ----D---- C:\windows\system32\MRT
2018-03-28 18:06:26 ----D---- C:\windows\debug
2018-03-28 18:06:20 ----AC---- C:\windows\system32\MRT-KB890830.exe
2018-03-28 18:06:11 ----AC---- C:\windows\system32\MRT.exe
2018-03-28 17:52:25 ----D---- C:\windows\SoftwareDistribution
2018-03-28 17:50:00 ----D---- C:\Users\User\AppData\Roaming\uTorrent
2018-03-28 17:50:00 ----D---- C:\Users\User\AppData\Roaming\Media Player Classic
2018-03-28 17:50:00 ----D---- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2018-03-28 17:49:47 ----D---- C:\windows\Panther
2018-03-28 17:49:46 ----D---- C:\windows\Logs
2018-03-28 17:49:45 ----D---- C:\windows\Minidump
2018-03-28 14:53:09 ----D---- C:\Program Files (x86)\McAfee
2018-03-28 14:52:23 ----D---- C:\Program Files\TrueKey
2018-03-27 23:28:21 ----D---- C:\windows\system32\NDF
2018-03-27 21:00:18 ----D---- C:\Users\User\AppData\Roaming\TS3Client
2018-03-27 19:22:47 ----A---- C:\windows\SYSWOW64\PnkBstrB.exe
2018-03-14 21:57:22 ----D---- C:\windows\system32\Macromed
2018-03-14 21:57:21 ----D---- C:\windows\SYSWOW64\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\windows\system32\drivers\aswbidsha.sys [2018-03-27 199440]
R0 aswblog;aswblog; C:\windows\system32\drivers\aswbloga.sys [2018-03-27 343752]
R0 aswbuniv;aswbuniv; C:\windows\system32\drivers\aswbuniva.sys [2018-03-27 57680]
R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2018-03-27 84368]
R0 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2018-03-27 380528]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2014-03-26 645992]
R1 aswArPot;aswArPot; C:\windows\system32\drivers\aswArPot.sys [2018-03-27 196648]
R1 aswbidsdriver;aswbidsdriver; C:\windows\system32\drivers\aswbidsdrivera.sys [2018-03-27 227504]
R1 aswHdsKe;aswHdsKe; C:\windows\system32\drivers\aswHdsKe.sys [2018-03-27 215320]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2018-03-27 110328]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2018-03-27 1026696]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2018-03-27 460520]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2018-03-27 146656]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2018-03-27 205976]
R3 ACPIVPC;@oem44.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2016-09-19 35576]
R3 bcbtums;@oem39.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\windows\system32\drivers\bcbtums.sys [2013-11-14 170712]
R3 BCM43XX;@oem42.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl63a.sys [2014-12-05 7592664]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2015-06-10 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2015-06-10 81920]
R3 btwampfl;@oem39.inf,%btwampfl.ServiceName%;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2014-08-09 185600]
R3 btwaudio;@oem35.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2014-11-10 209152]
R3 btwavdt;@oem35.inf,%btwavdt.SvcDesc%;Bluetooth AVDT; C:\windows\System32\drivers\btwavdt.sys [2014-10-21 230656]
R3 btwl2cap;@oem38.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2012-07-27 40248]
R3 dtlitescsibus;@oem91.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\windows\System32\drivers\dtlitescsibus.sys [2017-02-28 30264]
R3 dtliteusbbus;@oem92.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\windows\System32\drivers\dtliteusbbus.sys [2017-02-28 47672]
R3 ETD;@oem33.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-03-12 401160]
R3 ETDSMBus;ETDSMBus; C:\windows\system32\DRIVERS\ETDSMBus.sys [2014-03-11 24904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-11-22 4763064]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-03-11 3891800]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-11-17 30512]
R3 MEIx64;@oem90.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\TeeDriverW8x64.sys [2016-12-02 204920]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2017-01-20 14286392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem14.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 RTSPER;@oem15.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\windows\system32\DRIVERS\RtsPer.sys [2013-10-24 444632]
R3 rtsuvc;@oem28.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-06-10 9121496]
S3 aswHwid;aswHwid; C:\windows\system32\drivers\aswHwid.sys [2018-03-27 46968]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2015-06-10 1201664]
S3 btwrchid;btwrchid; C:\windows\System32\drivers\btwrchid.sys [2014-10-21 38656]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\windows\system32\DRIVERS\Hamdrv.sys [2017-06-29 45680]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-11-17 42288]
S3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-11-22 455440]
S3 mfencbdc01;McAfee Inc.; \Device\mfencbdc01.sys []
S3 NETwNe64;@netwew00.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew00.sys [2013-07-08 3344352]
S3 nvvad_WaveExtensible;@oem49.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2016-11-17 46016]
S3 semav6msr64;semav6msr64; \??\C:\windows\system32\drivers\semav6msr64.sys [2018-01-11 41512]
S3 USBAAPL64;@oem4.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2016-12-21 54784]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2014-11-21 121088]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2014-11-21 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-11-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-04-03 83768]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-03-27 303728]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2014-12-05 980224]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-11-21 38792]
R2 DSAService;Intel(R) Driver & Support Assistant; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [2018-03-15 22816]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-15 101680]
R2 FoxitReaderService;Foxit Reader Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2016-08-05 1648840]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-11-22 328296]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-16 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
R2 LenovoSetSvr;LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [2016-09-19 389680]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2016-09-19 198192]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-01-20 464440]
R2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-02-26 512776]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2016-09-19 288240]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2016-09-26 76888]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-25 390632]
R2 SystemUsageReportSvc_QUEENCREEK;Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [2018-01-11 182544]
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-09-21 1001920]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-09-21 16928]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-03-27 7556704]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-02-07 1471168]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-12-09 43696]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-07-14 689976]
S2 BcmBtRSupport;@oem39.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\windows\system32\BtwRSupportService.exe [2013-11-14 2251992]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-18 153752]
S2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-02-26 167176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-14 272384]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-10-04 1494024]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-11-22 279144]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-02-05 526376]
S3 ESRV_SVC_QUEENCREEK;Energy Server Service queencreek; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [2018-01-11 886032]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2017-03-09 342456]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-18 153752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 Intel(R) SUR QC SAM;Intel(R) SUR QC Software Asset Manager; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13 18168]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2016-09-19 308720]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-03-27 1671968]
S3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S3 TESHelper;TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [2016-09-19 104696]
S3 TrueKeyServiceHelper;Intel Security True Key Helper Service; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-09-21 87760]
S3 USER_ESRV_SVC_QUEENCREEK;User Energy Server Service queencreek; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [2018-01-11 886032]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: please check

#2 Post by Conder »

Hi :)

:arrow: If you don't use Intel Security True Key, I recommend uninstalling it.

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan (Skenovanie) and wait for it to finish
  • Click Clean (Cistenie) and confirm by clicking OK
  • AdwCleaner will ask to restart the PC; confirm by clicking Restart Now (Restartovat teraz)
  • After it finishes and the PC restarts, a log will pop up; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

TheKicoman
Visitor
Posts: 37
Registered: 14 Dec 2009 16:43

Re: please check

#3 Post by TheKicoman »

# AdwCleaner 7.0.8.0 - Logfile created on Tue Apr 03 19:35:01 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 8.1 (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [941 B] - [2018/4/3 19:19:19]
C:/AdwCleaner/AdwCleaner[S1].txt - [1007 B] - [2018/4/3 19:34:38]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Looks fine. Thanks :)

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: please check

#4 Post by Conder »

:arrow: We can still clean up some other things.

:arrow: Please post both FRST logs following this guide (FRST.txt and Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: If FRSTLauncher cannot be downloaded or run, use just FRST itself.

:arrow: If the logs don't fit into one post, pack them into a RAR or ZIP archive and send them as an attachment.