Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zpomalený počítač

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
EvNa
Návštěvník
Návštěvník
Příspěvky: 28
Registrován: 25 čer 2015 09:43

Zpomalený počítač

#1 Příspěvek od EvNa »

Dobrý den,

v poslední době mám velmi zpomalený a zasekaný počítač, proto prosím o kontrolu logu.

Předem děkuji,
EvNa

Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2015-06-25 10:47:24
Microsoft Windows 8.1
System drive C: has 359 GB (78%) free of 461 GB
Total RAM: 3991 MB (19% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:47:39, on 25. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Absolute Software\Absolute Reminder\AbsoluteReminder.exe
C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\szndesktop.exea
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Honza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13-comm.msn.com/?pc=LNJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Fastboot] "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Honza\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: BrcmSetSecurity - Intel - C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem37.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: Intel(R) Small Business Advantage (intelsba) - Intel Corporation - C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo QuickSnip Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lenovo Settings Mobile Hotspot Service (LnvHotSpotSvc) - Lenovo - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\WINDOWS\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: ValBioService - Validity Sensors, Inc. - C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @oem36.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\WINDOWS\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14176 bytes

======Listing Processes======






wininit.exe

winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ef68f2fd-9a95-4d7e-9c44-94d1872cf3ad -SystemEventPortName:HostProcess-a3f40d5a-a836-4b77-a71e-992bd8eba455 -IoCancelEventPortName:HostProcess-4b7fb239-6577-4e8f-a865-9b560d2a9c5c -NonStateChangingEventPortName:HostProcess-c59b0beb-4a54-4664-90d4-d2feddb0d166 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:83932071-1f22-472a-aa81-f1cdec51a65d -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d4ff15ae-1d7c-4c2d-97ed-38881a0a8e08 -SystemEventPortName:HostProcess-6b48c6b4-0465-4255-9cb1-68969bfbe66c -IoCancelEventPortName:HostProcess-cb9443a3-7c7e-4319-a886-8b553c251f2a -NonStateChangingEventPortName:HostProcess-8db95840-39f7-4888-9e5d-abe642d62830 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:71382c74-3f7a-4192-b425-3363bfea8d4a -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7a093eb1-be51-46d4-8a43-7b99503a795c -SystemEventPortName:HostProcess-7953f794-0a1f-4b04-ab49-ed090c99ce6f -IoCancelEventPortName:HostProcess-17e777bf-53c6-4038-8687-3c5789f67faf -NonStateChangingEventPortName:HostProcess-eb695649-68fd-4f5a-9a4e-34ec72481e5d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5c5888d1-0ea4-4f65-bd98-47158c139b15 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-08b93875-0374-4af1-a48f-204be8e539c3 -SystemEventPortName:HostProcess-dc5fa36a-2061-489f-88e9-60fe3ae2423f -IoCancelEventPortName:HostProcess-21b67501-2ed3-44de-8acf-16501474e805 -NonStateChangingEventPortName:HostProcess-410926af-7082-413c-8fb3-1dbdd4380324 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:df67a23c-def0-4e33-8316-8c560ec8300e -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2b6eb4af-7ad7-48e1-88c5-af229044d2f5 -SystemEventPortName:HostProcess-60927665-e729-4f6e-9cf5-8877d514fee4 -IoCancelEventPortName:HostProcess-07077180-c71f-4e49-a6b7-29ef08f74750 -NonStateChangingEventPortName:HostProcess-60292735-797d-4cff-94a4-7df021e42ac2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:599be4e0-40a4-42da-af35-0871282a0d14 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\WLANExt.exe 331282519552
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {adede3a6-f41f-4321-a1dcb1acbee44333}
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe"
C:\WINDOWS\system32\valWBFPolicyService.exe
C:\WINDOWS\system32\valWbioSyncSvc.exe

"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe" -default
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynFp\Shared\SensorDBSynch.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\lenovo\QuickSnipService\QuickSnipInput.exe"
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
taskhostex.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
igfxEM.exe
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe"
igfxHK.exe
igfxTray.exe
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\skydrive.exe -Embedding
"C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe"
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe" -default
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Lenovo\HOTKEY\extapsup.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe"
"C:\Program Files\Lenovo\Password Manager\password_manager.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6068.0.1864071784\1288553468" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3907 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/BackgroundRendererProcesses/AllowIdleFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6068 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6068.1.342105512\490001604" /prefetch:673131151
"C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6068 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6068.2.1343960962\785948283" /prefetch:673131151
"C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6068 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6068.3.1553840217\2024917820" /prefetch:673131151
"C:\Program Files (x86)\Absolute Software\Absolute Reminder\AbsoluteReminder.exe" -ShowOption -d
"C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe"
szndesktop.exe default start
"C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\USB Camera\VM331STI.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6068 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6068.5.118320882\1254269746" /prefetch:673131151
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6068 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6068.9.2023081046\1593448344" /prefetch:673131151
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0xb24_0x19e0_0x49d517e5b"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6068 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6068.13.1942670424\484781195" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6068.22.1378884636\1475132623" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6068 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6068.23.1403081238\1598228377" /prefetch:673131151

"C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe"
"C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe"
"C:\Program Files\Lenovo\Communications Utility\cammute.exe"
"C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe"
"C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe"
"C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe" ytidilav
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6068 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6068.63.829354041\2057180671" /prefetch:673131151
taskhost.exe
C:\WINDOWS\system32\GWX\GWX.exe /updateconfig
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6068 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6068.66.801699408\170844280" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6068 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6068.68.1808012548\1559828180" /prefetch:673131151
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe66_ Global\UsGthrCtrlFltPipeMssGthrPipe66 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 580 584 592 65536 588
"C:\Users\Honza\Downloads\RSITx64.exe"

C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2014-08-14 453448]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe []
"Persistence"=C:\windows\system32\igfxpers.exe []
"LenovoOptMouseUpdate"=C:\Program Files\Lenovo\HOTKEY\extapsup.exe [2013-06-20 255480]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-05-21 7830328]
"TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2013-06-21 382248]
"LnvMobHotspotClient"=C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [2014-08-12 937968]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [2014-08-05 87536]
"PasswordManager"=C:\Program Files\Lenovo\Password Manager\password_manager.exe [2014-06-23 1665824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-02-26 5583120]
"cz.seznam.software.autoupdate"=C:\Users\Honza\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2013-05-14 552960]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-09-16 134616]
"Fastboot"=C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [2014-06-15 735304]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-25 10:47:24 ----D---- C:\rsit
2015-06-25 10:47:24 ----D---- C:\Program Files\trend micro
2015-06-17 12:01:03 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-06-17 12:01:02 ----A---- C:\WINDOWS\system32\invagent.dll
2015-06-17 12:01:02 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-06-17 12:01:02 ----A---- C:\WINDOWS\system32\devinv.dll
2015-06-17 12:01:02 ----A---- C:\WINDOWS\system32\aepic.dll
2015-06-17 12:01:02 ----A---- C:\WINDOWS\system32\aepdu.dll
2015-06-17 12:01:02 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-06-17 12:01:02 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\system32\rastapi.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\system32\localspl.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\system32\compstui.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\SYSWOW64\rgb9rast.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\system32\tquery.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\system32\mssph.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2015-06-16 13:27:18 ----A---- C:\WINDOWS\system32\authz.dll
2015-06-16 13:27:17 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2015-06-16 13:27:17 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2015-06-16 13:27:17 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2015-06-16 13:27:17 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2015-06-16 13:27:17 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-16 13:27:17 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2015-06-16 13:27:17 ----A---- C:\WINDOWS\system32\mssvp.dll
2015-06-16 13:27:17 ----A---- C:\WINDOWS\system32\mssphtb.dll
2015-06-10 11:15:51 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2015-06-10 11:15:51 ----A---- C:\WINDOWS\system32\comctl32.dll
2015-06-10 11:15:50 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-06-10 11:15:49 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-06-10 11:15:47 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-06-10 11:15:47 ----A---- C:\WINDOWS\system32\wininet.dll
2015-06-10 11:15:47 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-06-10 11:15:46 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-06-10 11:15:46 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-06-10 11:15:45 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-06-10 11:15:45 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-06-10 11:15:44 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-06-10 11:15:44 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-06-10 11:15:43 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2015-06-10 11:15:43 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-06-10 11:15:43 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-06-10 11:15:42 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-06-10 11:15:42 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-06-10 11:15:42 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-06-10 11:15:42 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-06-10 11:15:42 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-06-10 11:15:42 ----A---- C:\WINDOWS\system32\jscript.dll
2015-06-10 11:15:42 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-06-10 11:15:40 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-06-10 11:15:40 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-06-10 11:15:40 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-06-10 11:15:40 ----A---- C:\WINDOWS\system32\ieui.dll
2015-06-10 11:15:40 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-06-10 11:15:40 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 11:15:25 ----A---- C:\WINDOWS\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2015-06-25 10:47:37 ----D---- C:\WINDOWS\Prefetch
2015-06-25 10:47:24 ----RD---- C:\Program Files
2015-06-25 10:32:43 ----D---- C:\WINDOWS\system32\sru
2015-06-24 15:35:57 ----D---- C:\WINDOWS\system32\config
2015-06-24 15:31:08 ----D---- C:\WINDOWS\Temp
2015-06-24 15:30:18 ----D---- C:\WINDOWS\CbsTemp
2015-06-24 15:30:16 ----D---- C:\WINDOWS\WinSxS
2015-06-24 15:30:16 ----D---- C:\WINDOWS\SysWOW64
2015-06-24 06:08:52 ----D---- C:\WINDOWS\Microsoft.NET
2015-06-23 19:56:06 ----D---- C:\Users\Honza\AppData\Roaming\Seznam.cz
2015-06-23 17:49:31 ----RD---- C:\WINDOWS\System32
2015-06-23 17:49:31 ----D---- C:\WINDOWS\Inf
2015-06-23 17:49:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-23 17:45:09 ----D---- C:\ProgramData\Validity
2015-06-23 17:44:09 ----SD---- C:\WINDOWS\system32\CompatTel
2015-06-23 17:44:09 ----D---- C:\WINDOWS\system32\appraiser
2015-06-23 17:44:09 ----D---- C:\WINDOWS\apppatch
2015-06-23 17:44:08 ----RD---- C:\WINDOWS\ToastData
2015-06-23 17:44:07 ----D---- C:\WINDOWS\system32\DriverStore
2015-06-23 17:44:07 ----D---- C:\WINDOWS\system32\drivers
2015-06-23 17:43:34 ----D---- C:\WINDOWS\system32\catroot2
2015-06-23 17:41:58 ----D---- C:\Windows
2015-06-22 23:50:47 ----D---- C:\WINDOWS\system32\MRT
2015-06-22 23:47:29 ----A---- C:\WINDOWS\system32\MRT.exe
2015-06-22 23:47:11 ----SHD---- C:\System Volume Information
2015-06-20 05:02:45 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-06-15 22:29:47 ----D---- C:\WINDOWS\rescache
2015-06-15 17:07:14 ----A---- C:\IFRToolLog.txt
2015-06-13 13:45:17 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-06-13 13:45:17 ----D---- C:\WINDOWS\system32\cs-CZ
2015-06-13 13:45:17 ----D---- C:\WINDOWS\PolicyDefinitions
2015-06-13 13:45:17 ----D---- C:\Program Files\Internet Explorer
2015-06-13 13:45:17 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-13 09:06:42 ----SHD---- C:\WINDOWS\Installer
2015-06-13 09:06:01 ----D---- C:\ProgramData\Microsoft Help
2015-06-10 21:21:29 ----SD---- C:\Users\Honza\AppData\Roaming\Microsoft
2015-06-02 20:16:43 ----D---- C:\WINDOWS\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Fastboot;Fastboot; C:\WINDOWS\System32\DRIVERS\fastboot.sys [2014-06-15 61000]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-02 644968]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2013-08-19 77456]
R0 Shockprf;Shockprf; C:\WINDOWS\System32\DRIVERS\Apsx64.sys [2013-06-21 150272]
R0 TPDIGIMN;TPDIGIMN; C:\WINDOWS\System32\DRIVERS\ApsHM64.sys [2013-06-21 25856]
R1 SMIDriver;SMIDriver; C:\WINDOWS\system32\drivers\smi.sys [2014-07-21 19760]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwr64v.sys [2014-09-05 20736]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 AMPPAL;@oem44.inf,%AMPPAL.SVCDESC%;Virtuální adaptér Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\WINDOWS\System32\drivers\AMPPAL.sys [2013-07-29 165344]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btmhsf;btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [2013-08-02 1385272]
R3 CnxtHdAudService;@oem1.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2013-11-19 1464000]
R3 dtlitescsibus;@oem50.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-03-15 30352]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 ibtusb;@oem9.inf,%ibtusb.SVCDESC_IBT%;Aplikace Intel(R) Wireless Bluetooth(R) 4.0 a vysokorychlostní (HS) adaptér; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2013-08-20 113096]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-08-14 4786544]
R3 iwdbus;@oem21.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-07-28 27000]
R3 LnvHIDHW;@oem49.inf,%LnvHIDHW%;Lenovo HID Mini-driver for Hardware Radio Switch; C:\WINDOWS\System32\drivers\LnvHIDHW.sys [2014-04-07 29496]
R3 MEIx64;@oem41.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NETwNb64;@oem31.inf,___ %NIC_Service_DispName_WINB_64%;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 8.1 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwbw02.sys [2014-04-16 3440096]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-07-26 827096]
R3 RTSPER;@oem27.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-06-24 418008]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-04-07 31472]
R3 SynTP;@oem48.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-04-07 554224]
R3 usb3Hub;@oem22.inf,%usb3Hub.SVCDESC%;UoIP Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [2013-04-12 207256]
R3 vm331avs;@oem4.inf,%USBCamera.DeviceDesc2%;Digital Camera 1; C:\WINDOWS\System32\Drivers\vm331avs.sys [2013-09-11 1065344]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 AMPPALP;@oem45.inf,%AMPPALP_Desc%;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\WINDOWS\system32\DRIVERS\amppal.sys [2013-07-29 165344]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 intaud_WaveExtensible;@oem20.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-07-28 38264]
S3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-08-08 452088]
S3 NETwNe64;@oem28.inf,%NIC_Service_DispName_WIN8_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 8 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwew02.sys [2013-10-09 3648480]
S3 SWIX64;SWIX64; \??\C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [2012-09-13 33856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2014-02-05 772064]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-06-25 1132920]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-04-24 1153400]
R2 BrcmSetSecurity;BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [2013-04-12 101536]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-17 632048]
R2 FastbootService;FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2014-06-15 137288]
R2 IBMPMSVC;@oem37.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-08-14 324424]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-08-20 155448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 Lenovo QuickSnip Service;Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [2013-06-06 219976]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-09-16 2014664]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [2013-06-06 562504]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-04-07 110128]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-11 136288]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2014-06-10 470000]
R2 QuickControlMasterSvc;Lenovo QuickControl Master Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [2013-07-17 59384]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-17 154864]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-06-10 124400]
R2 ValBioService;ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [2013-09-05 24112]
R2 valWBFPolicyService;Validity WBF Policy Service; C:\WINDOWS\system32\valWBFPolicyService.exe [2014-07-21 49040]
R2 valWbioSyncSvc;@oem36.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization; C:\WINDOWS\system32\valWbioSyncSvc.exe [2014-07-21 32256]
R3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-08-05 599024]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-26 1272592]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2014-08-05 525296]
R3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2014-08-05 535024]
R3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-08-05 727536]
R3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2014-09-05 1668896]
R3 QuickControlService;Lenovo QuickControl Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [2013-07-17 138232]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18 116648]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-08-14 276808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 intelsba;Intel(R) Small Business Advantage; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [2013-07-26 54976]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 LnvHotSpotSvc;Lenovo Settings Mobile Hotspot Service; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [2014-08-12 474608]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-17 284912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-06-18 24560]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG64.exe [2013-06-21 49920]

-----------------EOF-----------------
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zpomalený počítač

#2 Příspěvek od Márty84 »

Zdravim :)

:arrow: Pokud nepouzivate, odinstalujte Seznam Software.

:arrow: Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
EvNa
Návštěvník
Návštěvník
Příspěvky: 28
Registrován: 25 čer 2015 09:43

Re: Zpomalený počítač

#3 Příspěvek od EvNa »

Lg z AdwCleaneru:

# AdwCleaner v4.207 - Log vytvořen 25/06/2015 v 20:18:17
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-06-23.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Honza - LENE540
# Spuštěno z : C:\Users\Honza\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Users\Honza\AppData\Local\pokki

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Google Chrome v43.0.2357.130

[C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.slovackeleto.cz/?page=websearch&src ... earchTerms}

*************************

AdwCleaner[R0].txt - [1048 bytů] - [25/06/2015 20:16:26]
AdwCleaner[S0].txt - [968 bytů] - [25/06/2015 20:18:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1025 bytů] ##########
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zpomalený počítač

#4 Příspěvek od Márty84 »

:arrow: Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)


:arrow: Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
EvNa
Návštěvník
Návštěvník
Příspěvky: 28
Registrován: 25 čer 2015 09:43

Re: Zpomalený počítač

#5 Příspěvek od EvNa »

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2015/06/25 23:36:36

-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series Chipset Family SATA AHCI Controller [ATA]
- HGST HTS725050A7E630
- HL-DT-ST DVDRAM GU90N
- Řadič prostorů úložišť [SCSI]
+ DAEMON Tools Lite Virtual SCSI Bus [SCSI]
- DiscSoft Virtual SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) HGST HTS725050A7E630 : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) HGST HTS725050A7E630
----------------------------------------------------------------------------
Model : HGST HTS725050A7E630
Firmware : GH2ZB550
Serial Number : TF655BWJ07WS1R
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600
Power On Hours : 1646 hod.
Power On Count : 1011 krát
Temparature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 225 225 _33 001200000001 Čas na roztočení ploten
04 100 100 __0 0000000003F5 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _97 _97 __0 00000000066E Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 0000000003F3 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000041890015 Počet vypnutí disku
C1 _94 _94 __0 00000000FAD5 Počet cyklů načítání/vymazání
C2 166 166 __0 0030000F0024 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 5446 3635 574A 574A 3037 5753 3152
020: 0003 FFFF 0004 4748 325A 3530 3530 4847 5354 2048
030: 5453 3732 3530 3530 4137 3330 3330 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0407 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1F0E 1F0E 0006 004C 004C
080: 01FC 0028 346B 7D69 6163 BC49 BC49 6163 007F 002F
090: 0030 4080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 6003 6003 74DC 5000 CCA7
110: C5C3 96BE 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 2182 1CF1 FA00 4000 4000 2000 0007 0000
140: 0000 0405 0306 0000 0000 0000 0000 0000 0000 0000
150: 0000 0005 325A 4235 0000 0000 0000 5DBD 9C20 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 59A5
Nahoru
EvNa
Návštěvník
Návštěvník
Příspěvky: 28
Registrován: 25 čer 2015 09:43

Re: Zpomalený počítač

#6 Příspěvek od EvNa »

Log z MBAM:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 25. 6. 2015
Čas skenování: 23:41:18
Protokol: mbam.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.06.25.06
Databáze rootkitů: v2015.06.22.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Honza

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 599790
Uplynulý čas: 1 hod, 8 min, 50 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 2
PUP.Optional.OpenCandy, C:\Users\Honza\AppData\Roaming\OpenCandy, , [7d6d318dcebce05631b08e33ca391ce4],
PUP.Optional.OpenCandy, C:\Users\Honza\AppData\Roaming\OpenCandy\OpenCandy_F0B578936D4B465E8AAA0501D84E7605, , [7d6d318dcebce05631b08e33ca391ce4],

Soubory: 3
PUP.Optional.Somoto.SID.A, C:\Users\Honza\AppData\Local\Microsoft\Windows\INetCache\IE\JX10PGAV\setup[1].exe, , [876387372466c373fe177313f80edb25],
PUP.Optional.Somoto.SID.A, C:\Users\Honza\AppData\Local\Temp\nsl23A6.tmp, , [7a702c92f397320422f39fe7dd292dd3],
PUP.Optional.OpenCandy, C:\Users\Honza\AppData\Roaming\OpenCandy\OpenCandy_F0B578936D4B465E8AAA0501D84E7605\PCTU-CS-1-day-2200632.exe, , [7d6d318dcebce05631b08e33ca391ce4],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zpomalený počítač

#7 Příspěvek od Márty84 »

Vsechny nalezy MBAM nechte odstranit (nebo do karanteny). Po odstraneni a restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
EvNa
Návštěvník
Návštěvník
Příspěvky: 28
Registrován: 25 čer 2015 09:43

Re: Zpomalený počítač

#8 Příspěvek od EvNa »

Test jsem zopakovala a neodhalil žádnou další hrozbu.
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zpomalený počítač

#9 Příspěvek od Márty84 »

:arrow: MBAM muzete odinstalovat.

:arrow: Dejte novy log z RSIT

a k tomu

:arrow: Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
EvNa
Návštěvník
Návštěvník
Příspěvky: 28
Registrován: 25 čer 2015 09:43

Re: Zpomalený počítač

#10 Příspěvek od EvNa »

Log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2015-06-28 09:22:13
Microsoft Windows 8.1
System drive C: has 358 GB (78%) free of 461 GB
Total RAM: 3991 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:22:15, on 28. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Honza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13-comm.msn.com/?pc=LNJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13-comm.msn.com/?pc=LNJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Fastboot] "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: BrcmSetSecurity - Intel - C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem37.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: Intel(R) Small Business Advantage (intelsba) - Intel Corporation - C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo QuickSnip Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lenovo Settings Mobile Hotspot Service (LnvHotSpotSvc) - Lenovo - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\WINDOWS\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: ValBioService - Validity Sensors, Inc. - C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @oem36.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\WINDOWS\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13780 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4f9c9014-140d-42f5-824c-bd15e9de79cc -SystemEventPortName:HostProcess-26edc2da-3adf-4277-b3b9-79ad0f3aff92 -IoCancelEventPortName:HostProcess-f28dc452-2c7b-460d-8f83-a193fbb2e4b9 -NonStateChangingEventPortName:HostProcess-6046d61a-180c-4b24-8750-4c44d1e2f78a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ce8eb885-3a23-477e-aa2f-80f4da2ff850 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-19444496-bd69-4ac1-839f-c68676305bc7 -SystemEventPortName:HostProcess-4778d913-4712-4097-ab3f-585dd81be99a -IoCancelEventPortName:HostProcess-fe29aaf3-ccf2-4913-9294-3c5668ccac87 -NonStateChangingEventPortName:HostProcess-26869592-b1b7-49bd-aa55-a60aba88689d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:bf685361-92f5-45a7-a791-164e7ea2e4b8 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e7ebd6ce-ad1f-42be-970f-d20c8d64147a -SystemEventPortName:HostProcess-444e08a6-db39-47e7-8ad3-b28b5e10e59d -IoCancelEventPortName:HostProcess-7ad6a75e-8412-4cd5-a0f2-a8acdae55e07 -NonStateChangingEventPortName:HostProcess-9f643265-0f66-4034-9e41-60fccabd0803 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9b28ad87-b8e0-49b7-b051-44f4176db34e -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3b2f7852-7fac-42f1-801d-a15532f5bd07 -SystemEventPortName:HostProcess-2853a3ac-f545-4aa2-8e98-6816ba68865c -IoCancelEventPortName:HostProcess-c603b0d6-34ea-4a99-8ec7-0eb8dd4e88e7 -NonStateChangingEventPortName:HostProcess-cb1e6e52-e83d-4b39-b3fc-2a8ae1b711a0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5962d2b1-d45d-40a5-9774-1f0948467631 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cb1393e8-7a6a-430d-a4d9-07d5301aa206 -SystemEventPortName:HostProcess-450138ee-d0e0-415e-a0c8-7a9df8ee8565 -IoCancelEventPortName:HostProcess-815b6ac3-4983-411c-be11-8a2017923994 -NonStateChangingEventPortName:HostProcess-8337699a-9392-406a-809c-ef0aecaf44da -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:85e4d928-ef15-43f5-8ff4-17ba9e302fdd -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\WLANExt.exe 922778202912
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {96b3b26a-4889-4f57-b3d663e56c083578}
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe"
C:\WINDOWS\system32\valWBFPolicyService.exe
C:\WINDOWS\system32\valWbioSyncSvc.exe

"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0xdf0_0x1638_0x5e0515fe"
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe" -default
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Synaptics\SynFp\Shared\SensorDBSynch.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\Explorer.EXE
"C:\Program Files\lenovo\QuickSnipService\QuickSnipInput.exe"
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2292
"C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe" ytidilav
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Lenovo\HOTKEY\extapsup.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe"
"C:\Program Files\Lenovo\Password Manager\password_manager.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe"
"C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe"
"C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe"
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files (x86)\USB Camera\VM331STI.EXE"
"C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3808.0.681042803\792215702" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3907 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3808 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3808.1.872533164\1046265098" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3808 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3808.2.1952749346\41195818" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3808 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3808.3.1101034370\1027971478" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3808 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3808.6.922354525\598581641" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3808 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3808.8.1571779955\1912311946" /prefetch:673131151
"C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3808 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3808.11.1321309543\827380690" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3808.17.429687155\1597841849" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3808 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3808.18.1444008498\236529507" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3808 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="3808.20.2079586329\70109667" /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe29_ Global\UsGthrCtrlFltPipeMssGthrPipe29 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Honza\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2014-08-14 453448]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe []
"Persistence"=C:\windows\system32\igfxpers.exe []
"LenovoOptMouseUpdate"=C:\Program Files\Lenovo\HOTKEY\extapsup.exe [2013-06-20 255480]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-05-21 7830328]
"TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2013-06-21 382248]
"LnvMobHotspotClient"=C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [2014-08-12 937968]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [2014-08-05 87536]
"PasswordManager"=C:\Program Files\Lenovo\Password Manager\password_manager.exe [2014-06-23 1665824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-02-26 5583120]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2013-05-14 552960]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-09-16 134616]
"Fastboot"=C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [2014-06-15 735304]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-25 23:39:55 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-06-25 23:39:38 ----D---- C:\ProgramData\Malwarebytes
2015-06-25 23:39:38 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-25 23:39:38 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2015-06-25 23:39:38 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-06-25 23:39:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-06-25 20:29:23 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2015-06-25 20:29:21 ----A---- C:\WINDOWS\system32\authuitu.dll
2015-06-25 20:29:19 ----A---- C:\WINDOWS\SYSWOW64\authuitu.dll
2015-06-25 20:29:09 ----D---- C:\Users\Honza\AppData\Roaming\AVG
2015-06-25 20:29:06 ----D---- C:\Program Files (x86)\AVG
2015-06-25 20:28:49 ----HD---- C:\ProgramData\Common Files
2015-06-25 20:28:49 ----D---- C:\ProgramData\AVG
2015-06-25 20:27:33 ----D---- C:\Users\Honza\AppData\Roaming\uTorrent
2015-06-25 20:16:22 ----D---- C:\AdwCleaner
2015-06-25 10:47:24 ----D---- C:\rsit
2015-06-25 10:47:24 ----D---- C:\Program Files\trend micro
2015-06-17 12:01:03 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-06-17 12:01:02 ----A---- C:\WINDOWS\system32\invagent.dll
2015-06-17 12:01:02 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-06-17 12:01:02 ----A---- C:\WINDOWS\system32\devinv.dll
2015-06-17 12:01:02 ----A---- C:\WINDOWS\system32\aepic.dll
2015-06-17 12:01:02 ----A---- C:\WINDOWS\system32\aepdu.dll
2015-06-17 12:01:02 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-06-17 12:01:02 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\system32\rastapi.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\system32\localspl.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-06-16 13:27:19 ----A---- C:\WINDOWS\system32\compstui.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\SYSWOW64\rgb9rast.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\system32\tquery.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\system32\mssph.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-06-16 13:27:18 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2015-06-16 13:27:18 ----A---- C:\WINDOWS\system32\authz.dll
2015-06-16 13:27:17 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2015-06-16 13:27:17 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2015-06-16 13:27:17 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2015-06-16 13:27:17 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2015-06-16 13:27:17 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-16 13:27:17 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2015-06-16 13:27:17 ----A---- C:\WINDOWS\system32\mssvp.dll
2015-06-16 13:27:17 ----A---- C:\WINDOWS\system32\mssphtb.dll
2015-06-10 11:15:51 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2015-06-10 11:15:51 ----A---- C:\WINDOWS\system32\comctl32.dll
2015-06-10 11:15:50 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-06-10 11:15:49 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-06-10 11:15:47 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-06-10 11:15:47 ----A---- C:\WINDOWS\system32\wininet.dll
2015-06-10 11:15:47 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-06-10 11:15:46 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-06-10 11:15:46 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-06-10 11:15:45 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-06-10 11:15:45 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-06-10 11:15:44 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-06-10 11:15:44 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-06-10 11:15:43 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2015-06-10 11:15:43 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-06-10 11:15:43 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-06-10 11:15:42 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-06-10 11:15:42 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-06-10 11:15:42 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-06-10 11:15:42 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-06-10 11:15:42 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-06-10 11:15:42 ----A---- C:\WINDOWS\system32\jscript.dll
2015-06-10 11:15:42 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 11:15:41 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-06-10 11:15:40 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-06-10 11:15:40 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-06-10 11:15:40 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-06-10 11:15:40 ----A---- C:\WINDOWS\system32\ieui.dll
2015-06-10 11:15:40 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-06-10 11:15:40 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 11:15:25 ----A---- C:\WINDOWS\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2015-06-28 09:21:58 ----D---- C:\WINDOWS\Prefetch
2015-06-28 09:14:46 ----D---- C:\WINDOWS\Temp
2015-06-28 09:00:02 ----D---- C:\WINDOWS\system32\sru
2015-06-27 23:01:04 ----D---- C:\WINDOWS\Inf
2015-06-27 22:43:12 ----SHD---- C:\System Volume Information
2015-06-27 15:45:16 ----D---- C:\WINDOWS\Microsoft.NET
2015-06-26 20:46:54 ----D---- C:\ProgramData\Validity
2015-06-26 00:58:25 ----D---- C:\WINDOWS\system32\Tasks
2015-06-25 23:39:55 ----D---- C:\WINDOWS\system32\drivers
2015-06-25 23:39:38 ----RD---- C:\Program Files (x86)
2015-06-25 23:39:38 ----HD---- C:\ProgramData
2015-06-25 20:29:31 ----SHD---- C:\WINDOWS\Installer
2015-06-25 20:29:23 ----RD---- C:\WINDOWS\System32
2015-06-25 20:29:19 ----D---- C:\WINDOWS\SysWOW64
2015-06-25 20:28:54 ----D---- C:\Windows
2015-06-25 20:25:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-25 20:14:24 ----D---- C:\Users\Honza\AppData\Roaming\Seznam.cz
2015-06-25 20:14:17 ----D---- C:\Program Files (x86)\Seznam.cz
2015-06-25 10:47:24 ----RD---- C:\Program Files
2015-06-24 15:35:57 ----D---- C:\WINDOWS\system32\config
2015-06-24 15:30:18 ----D---- C:\WINDOWS\CbsTemp
2015-06-24 15:30:16 ----D---- C:\WINDOWS\WinSxS
2015-06-23 17:44:09 ----SD---- C:\WINDOWS\system32\CompatTel
2015-06-23 17:44:09 ----D---- C:\WINDOWS\system32\appraiser
2015-06-23 17:44:09 ----D---- C:\WINDOWS\apppatch
2015-06-23 17:44:08 ----RD---- C:\WINDOWS\ToastData
2015-06-23 17:44:07 ----D---- C:\WINDOWS\system32\DriverStore
2015-06-23 17:43:34 ----D---- C:\WINDOWS\system32\catroot2
2015-06-22 23:50:47 ----D---- C:\WINDOWS\system32\MRT
2015-06-22 23:47:29 ----A---- C:\WINDOWS\system32\MRT.exe
2015-06-20 05:02:45 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-06-15 22:29:47 ----D---- C:\WINDOWS\rescache
2015-06-15 17:07:14 ----A---- C:\IFRToolLog.txt
2015-06-13 13:45:17 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-06-13 13:45:17 ----D---- C:\WINDOWS\system32\cs-CZ
2015-06-13 13:45:17 ----D---- C:\WINDOWS\PolicyDefinitions
2015-06-13 13:45:17 ----D---- C:\Program Files\Internet Explorer
2015-06-13 13:45:17 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-13 09:06:01 ----D---- C:\ProgramData\Microsoft Help
2015-06-10 21:21:29 ----SD---- C:\Users\Honza\AppData\Roaming\Microsoft
2015-06-02 20:16:43 ----D---- C:\WINDOWS\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Fastboot;Fastboot; C:\WINDOWS\System32\DRIVERS\fastboot.sys [2014-06-15 61000]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-02 644968]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2013-08-19 77456]
R0 Shockprf;Shockprf; C:\WINDOWS\System32\DRIVERS\Apsx64.sys [2013-06-21 150272]
R0 TPDIGIMN;TPDIGIMN; C:\WINDOWS\System32\DRIVERS\ApsHM64.sys [2013-06-21 25856]
R1 SMIDriver;SMIDriver; C:\WINDOWS\system32\drivers\smi.sys [2014-07-21 19760]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwr64v.sys [2014-09-05 20736]
R3 AMPPAL;@oem44.inf,%AMPPAL.SVCDESC%;Virtuální adaptér Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\WINDOWS\System32\drivers\AMPPAL.sys [2013-07-29 165344]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btmhsf;btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [2013-08-02 1385272]
R3 CnxtHdAudService;@oem1.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2013-11-19 1464000]
R3 dtlitescsibus;@oem50.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-03-15 30352]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 ibtusb;@oem9.inf,%ibtusb.SVCDESC_IBT%;Aplikace Intel(R) Wireless Bluetooth(R) 4.0 a vysokorychlostní (HS) adaptér; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2013-08-20 113096]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-08-14 4786544]
R3 iwdbus;@oem21.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-07-28 27000]
R3 LnvHIDHW;@oem49.inf,%LnvHIDHW%;Lenovo HID Mini-driver for Hardware Radio Switch; C:\WINDOWS\System32\drivers\LnvHIDHW.sys [2014-04-07 29496]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-04-14 25816]
R3 MEIx64;@oem41.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NETwNb64;@oem31.inf,___ %NIC_Service_DispName_WINB_64%;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 8.1 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwbw02.sys [2014-04-16 3440096]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-07-26 827096]
R3 RTSPER;@oem27.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-06-24 418008]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-04-07 31472]
R3 SynTP;@oem48.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-04-07 554224]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2015-05-15 14112]
R3 usb3Hub;@oem22.inf,%usb3Hub.SVCDESC%;UoIP Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [2013-04-12 207256]
R3 vm331avs;@oem4.inf,%USBCamera.DeviceDesc2%;Digital Camera 1; C:\WINDOWS\System32\Drivers\vm331avs.sys [2013-09-11 1065344]
S3 AMPPALP;@oem45.inf,%AMPPALP_Desc%;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\WINDOWS\system32\DRIVERS\amppal.sys [2013-07-29 165344]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 intaud_WaveExtensible;@oem20.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-07-28 38264]
S3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-08-08 452088]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-04-14 64216]
S3 NETwNe64;@oem28.inf,%NIC_Service_DispName_WIN8_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 8 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwew02.sys [2013-10-09 3648480]
S3 SWIX64;SWIX64; \??\C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [2012-09-13 33856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2014-02-05 772064]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-06-25 1132920]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-04-24 1153400]
R2 BrcmSetSecurity;BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [2013-04-12 101536]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-17 632048]
R2 FastbootService;FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2014-06-15 137288]
R2 IBMPMSVC;@oem37.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-08-14 324424]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-08-20 155448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 Lenovo QuickSnip Service;Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [2013-06-06 219976]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-09-16 2014664]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [2013-06-06 562504]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-04-07 110128]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-11 136288]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2014-06-10 470000]
R2 QuickControlMasterSvc;Lenovo QuickControl Master Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [2013-07-17 59384]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-17 154864]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-06-10 124400]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2015-05-15 2967864]
R2 ValBioService;ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [2013-09-05 24112]
R2 valWBFPolicyService;Validity WBF Policy Service; C:\WINDOWS\system32\valWBFPolicyService.exe [2014-07-21 49040]
R2 valWbioSyncSvc;@oem36.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization; C:\WINDOWS\system32\valWbioSyncSvc.exe [2014-07-21 32256]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-26 1272592]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2014-09-05 1668896]
R3 QuickControlService;Lenovo QuickControl Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [2013-07-17 138232]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
S3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-08-05 599024]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-08-14 276808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 intelsba;Intel(R) Small Business Advantage; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [2013-07-26 54976]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2014-08-05 525296]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2014-08-05 535024]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-08-05 727536]
S3 LnvHotSpotSvc;Lenovo Settings Mobile Hotspot Service; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [2014-08-12 474608]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-17 284912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-06-18 24560]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG64.exe [2013-06-21 49920]

-----------------EOF-----------------
Nahoru
EvNa
Návštěvník
Návštěvník
Příspěvky: 28
Registrován: 25 čer 2015 09:43

Re: Zpomalený počítač

#11 Příspěvek od EvNa »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
Ran by Honza (administrator) on LENE540 on 28-06-2015 09:29:05
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: admin & Honza)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\QuickSnipService\QuickSnipService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Lenovo) C:\Program Files\Lenovo\QuickSnipService\QuickSnipInput.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [453448 2014-08-14] ()
HKLM\...\Run: [HotKeysCmds] => "C:\windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\windows\system32\igfxpers.exe"
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [382248 2013-06-21] (Lenovo.)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937968 2014-08-12] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1665824 2014-06-23] (Lenovo Group Limited)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [735304 2014-06-15] (Lenovo)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\...\MountPoints2: {94d953d8-f416-11e3-be6d-806e6f6e6963} - "D:\cont32.exe" dg_komplet.ctx
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\...\MountPoints2: {cad74b49-c8f4-11e4-be8b-a0a8cd3b99d9} - "E:\Setup.exe"
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-246204125-3151204470-2281823484-1002 -> {51EB9244-6900-4861-BEC5-ACA382E501C6} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-20]
CHR Extension: (Google Docs) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-20]
CHR Extension: (Google Drive) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-20]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-03-15]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-03-15]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-20]
CHR Extension: (Google Search) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-20]
CHR Extension: (Google Sheets) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-20]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2014-09-20]
CHR Extension: (Google Wallet) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-20]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-03-15]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-20]
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [599024 2014-08-05] (Lenovo Corporation)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-12] (Intel)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [137288 2014-06-15] (Lenovo) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-14] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-08-20] (Intel Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2013-07-26] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [219976 2013-06-06] (LENOVO INCORPORATED.)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014664 2014-09-16] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [562504 2013-06-06] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [727536 2014-08-05] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited)
S3 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [474608 2014-08-12] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [470000 2014-06-10] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
R2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59384 2013-07-17] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [138232 2013-07-17] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2967864 2015-05-15] (AVG Technologies)
R2 ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [24112 2013-09-05] (Validity Sensors, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49040 2014-07-21] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\Windows\system32\valWbioSyncSvc.exe [32256 2014-07-21] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-08-02] (Motorola Solutions, Inc.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-03-15] (Disc Soft Ltd)
R0 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [61000 2014-06-15] (Windows (R) Win 7 DDK provider) [File not signed]
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [113096 2013-08-20] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77456 2013-08-19] (Intel Corporation)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3440096 2014-04-16] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-09] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [418008 2013-06-24] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-04-07] (Synaptics Incorporated)
R1 SMIDriver; C:\Windows\System32\drivers\smi.sys [19760 2014-07-21] (Windows (R) Win 7 DDK provider)
S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [33856 2012-09-13] (Lenovo Group Limited)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-05-15] (TuneUp Software)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207256 2013-04-12] (Windows (R) Win 7 DDK provider)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1065344 2013-09-11] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-28 09:29 - 2015-06-28 09:29 - 00020826 _____ C:\Users\Honza\Desktop\FRST.txt
2015-06-28 09:28 - 2015-06-28 09:29 - 00000000 ____D C:\FRST
2015-06-28 09:26 - 2015-06-28 09:26 - 00112640 _____ (forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe
2015-06-28 09:24 - 2015-06-28 09:25 - 02112512 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2015-06-28 09:21 - 2015-06-28 09:21 - 01222144 _____ C:\Users\Honza\Downloads\RSITx64 (1).exe
2015-06-27 21:46 - 2015-06-27 21:46 - 00029037 _____ C:\Users\Honza\Downloads\hp1.torrent
2015-06-27 21:44 - 2015-06-27 21:44 - 00021877 _____ C:\Users\Honza\Downloads\Harry Potter a Kámen Mudrců.torrent
2015-06-26 01:00 - 2015-06-26 01:00 - 00001769 _____ C:\Users\Honza\Desktop\mbam.txt
2015-06-26 00:58 - 2015-06-26 00:58 - 00002762 _____ C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-06-25 23:39 - 2015-06-27 00:54 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-25 23:39 - 2015-06-25 23:39 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-25 23:39 - 2015-06-25 23:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-25 23:39 - 2015-06-25 23:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-25 23:39 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-25 23:39 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-25 23:39 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-25 23:38 - 2015-06-25 23:38 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Honza\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-25 23:35 - 2015-06-25 23:36 - 00000000 ____D C:\Users\Honza\Desktop\crystaldiskinfo
2015-06-25 23:34 - 2015-06-25 23:34 - 01496172 _____ C:\Users\Honza\Downloads\CrystalDiskInfo5_0_0.zip
2015-06-25 20:36 - 2015-06-27 23:01 - 00000000 ____D C:\Users\Honza\Desktop\Filmy
2015-06-25 20:29 - 2015-06-25 20:29 - 00002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-06-25 20:29 - 2015-06-25 20:29 - 00002244 _____ C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk
2015-06-25 20:29 - 2015-06-25 20:29 - 00002230 _____ C:\Users\Public\Desktop\AVG údržba 1 kliknutím.lnk
2015-06-25 20:29 - 2015-06-25 20:29 - 00000000 ____D C:\Users\Honza\AppData\Roaming\AVG
2015-06-25 20:29 - 2015-06-25 20:29 - 00000000 ____D C:\Users\Honza\AppData\Local\Avg
2015-06-25 20:29 - 2015-06-25 20:29 - 00000000 ____D C:\Program Files (x86)\AVG
2015-06-25 20:29 - 2015-05-15 15:57 - 00041784 _____ (AVG Technologies) C:\WINDOWS\system32\TURegOpt.exe
2015-06-25 20:29 - 2015-05-15 15:57 - 00030520 _____ (AVG Technologies) C:\WINDOWS\system32\authuitu.dll
2015-06-25 20:29 - 2015-05-15 15:57 - 00025912 _____ (AVG Technologies) C:\WINDOWS\SysWOW64\authuitu.dll
2015-06-25 20:28 - 2015-06-25 20:29 - 00000000 ____D C:\ProgramData\AVG
2015-06-25 20:28 - 2015-06-25 20:28 - 00000870 _____ C:\Users\Honza\Desktop\µTorrent.lnk
2015-06-25 20:28 - 2015-06-25 20:28 - 00000850 _____ C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-06-25 20:27 - 2015-06-28 01:50 - 00000000 ____D C:\Users\Honza\AppData\Roaming\uTorrent
2015-06-25 20:27 - 2015-06-25 20:27 - 01994592 _____ (BitTorrent Inc.) C:\Users\Honza\Downloads\uTorrent.exe
2015-06-25 20:16 - 2015-06-25 20:18 - 00000000 ____D C:\AdwCleaner
2015-06-25 20:14 - 2015-06-25 20:14 - 02244096 _____ C:\Users\Honza\Desktop\adwcleaner_4.207.exe
2015-06-25 10:47 - 2015-06-28 09:22 - 00000000 ____D C:\Program Files\trend micro
2015-06-25 10:47 - 2015-06-25 10:47 - 00000000 ____D C:\rsit
2015-06-25 10:46 - 2015-06-25 10:46 - 01222144 _____ C:\Users\Honza\Downloads\RSITx64.exe
2015-06-23 17:42 - 2015-06-23 17:42 - 00291552 _____ C:\WINDOWS\Minidump\062315-34890-01.dmp
2015-06-17 12:01 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-17 12:01 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-17 12:01 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-17 12:01 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-17 12:01 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-17 12:01 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-17 12:01 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-17 12:01 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-16 13:27 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-16 13:27 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-16 13:27 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-16 13:27 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-16 13:27 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-16 13:27 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-16 13:27 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-16 13:27 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-16 13:27 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-16 13:27 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-16 13:27 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-16 13:27 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-16 13:27 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-16 13:27 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-16 13:27 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-16 13:27 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-16 13:27 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-16 13:27 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-16 13:27 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-16 13:27 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-16 13:27 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-16 13:27 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-16 13:27 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-16 13:27 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-16 13:27 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-16 13:27 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-16 13:27 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-16 13:27 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-16 13:27 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-16 13:27 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-10 21:21 - 2015-06-28 08:39 - 00000000 ___RD C:\Users\Honza\OneDrive
2015-06-10 21:01 - 2015-06-10 21:01 - 42897024 _____ (Skype Technologies S.A.) C:\Users\Honza\Downloads\SkypeSetupFull.exe
2015-06-10 11:15 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 11:15 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 11:15 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 11:15 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 11:15 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 11:15 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 11:15 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 11:15 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 11:15 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 11:15 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 11:15 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 11:15 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 11:15 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 11:15 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 11:15 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 11:15 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 11:15 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 11:15 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 11:15 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 11:15 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 11:15 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 11:15 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 11:15 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 11:15 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 11:15 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 11:15 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 11:15 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 11:15 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 11:15 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 11:15 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 11:15 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 11:15 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 11:15 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 11:15 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 11:15 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 11:15 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 11:15 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 11:15 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 11:15 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 11:15 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 11:15 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-10 11:15 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 11:15 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-03 20:37 - 2015-06-03 20:37 - 00000000 ____D C:\Users\Honza\AppData\Local\GWX
2015-05-30 18:30 - 2015-02-18 13:26 - 00000000 ____D C:\Users\Honza\Desktop\stav. konstrukce
2015-05-30 18:29 - 2015-05-30 18:29 - 04272085 _____ C:\Users\Honza\Downloads\stav. konstrukce.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-28 09:26 - 2015-03-15 12:38 - 00000000 __SHD C:\Users\Honza\AppData\Local\EmieBrowserModeList
2015-06-28 09:26 - 2014-09-29 12:55 - 00000000 __SHD C:\Users\Honza\AppData\Local\EmieUserList
2015-06-28 09:26 - 2014-09-29 12:55 - 00000000 __SHD C:\Users\Honza\AppData\Local\EmieSiteList
2015-06-28 09:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-28 08:59 - 2014-09-19 05:15 - 01207275 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-28 08:49 - 2013-08-22 16:46 - 00361496 _____ C:\WINDOWS\setupact.log
2015-06-28 08:40 - 2014-06-15 01:33 - 716075008 ___SH C:\WINDOWS\lenovo_fastboot.img
2015-06-28 08:39 - 2014-09-20 19:39 - 00000280 _____ C:\Users\Honza\AppData\Local\RegisteredPackageInformation.xml
2015-06-28 08:39 - 2014-09-18 15:11 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-28 01:34 - 2014-09-18 15:11 - 00000976 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-26 20:46 - 2014-06-15 01:33 - 00000000 ____D C:\ProgramData\Validity
2015-06-26 20:46 - 2014-03-18 09:20 - 00017328 _____ C:\WINDOWS\PFRO.log
2015-06-26 20:46 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-26 20:46 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-06-25 23:36 - 2014-09-20 19:40 - 00048919 _____ C:\Users\Honza\AppData\Roaming\AbsoluteReminder.xml
2015-06-25 23:14 - 2014-09-20 19:44 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-246204125-3151204470-2281823484-1002
2015-06-25 20:49 - 2014-09-20 19:39 - 00000000 ____D C:\Users\Honza\AppData\Local\VirtualStore
2015-06-25 20:25 - 2014-03-18 17:33 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-25 20:25 - 2014-03-18 16:54 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2015-06-25 20:25 - 2014-03-18 16:54 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2015-06-25 20:18 - 2014-09-20 19:38 - 00000000 ____D C:\Users\Honza
2015-06-25 20:14 - 2015-03-15 12:42 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Seznam.cz
2015-06-25 20:14 - 2015-03-15 12:42 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-06-24 15:30 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-23 18:05 - 2014-09-18 22:38 - 00033783 _____ C:\WINDOWS\SysWOW64\QuickControlService.dmp
2015-06-23 17:44 - 2015-04-15 22:20 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-23 17:44 - 2015-03-12 22:05 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-23 17:44 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-23 17:41 - 2014-12-31 11:35 - 739571228 _____ C:\WINDOWS\MEMORY.DMP
2015-06-22 23:50 - 2014-09-19 03:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-22 23:47 - 2014-09-19 03:16 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-22 22:34 - 2014-09-18 15:11 - 00002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-20 05:02 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-20 05:02 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-15 22:29 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-13 13:47 - 2013-08-22 16:44 - 00494680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-13 13:45 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-13 09:06 - 2014-09-19 08:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-02 20:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2014-09-20 19:40 - 2015-06-25 23:36 - 0048919 _____ () C:\Users\Honza\AppData\Roaming\AbsoluteReminder.xml
2014-09-20 19:39 - 2015-06-28 08:39 - 0000280 _____ () C:\Users\Honza\AppData\Local\RegisteredPackageInformation.xml
2014-06-15 01:32 - 2014-06-15 01:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-06-15 01:36 - 2014-06-15 01:36 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2014-06-15 01:34 - 2014-06-15 01:35 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-06-15 01:35 - 2014-06-15 01:36 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2014-06-15 01:36 - 2014-06-15 01:36 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log

Some files in TEMP:
====================
C:\Users\admin\AppData\Local\Temp\ose00000.exe
C:\Users\Honza\AppData\Local\Temp\bitool.dll
C:\Users\Honza\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\Honza\AppData\Local\Temp\Quarantine.exe
C:\Users\Honza\AppData\Local\Temp\sqlite3.dll
C:\Users\Honza\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-22 23:43




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Windows8_OS) (Fixed) (Total:450.51 GB) (Free:349.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (deg_4_0) (CDROM) (Total:0.14 GB) (Free:0 GB) CDFS
Drive e: () (CDROM) (Total:12.29 GB) (Free:0 GB) CDFS

Available physical RAM: 1505.54 MB
Total physical RAM: 3991.46 MB
Percentage of memory in use: 62%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 465.8 GB) (Disk ID: E30425A1)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\Honza\OneDrive:ms-properties

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Honza\Desktop" je 14463 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zpomalený počítač

#12 Příspěvek od Márty84 »

:!: Pozor na pouzivani TuneUp. Dokaze to nadelat peknou paseku :boxed:

EvNa píše:***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Honza\Desktop" je 14463 MB.
:arrow: Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku :)




:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)

HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad

2015-06-25 23:38 - 2015-06-25 23:38 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Honza\Downloads\mbam-setup-2.1.6.1022.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18 116648]

Hosts:
EmptyTemp:
Reboot:
End
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
EvNa
Návštěvník
Návštěvník
Příspěvky: 28
Registrován: 25 čer 2015 09:43

Re: Zpomalený počítač

#13 Příspěvek od EvNa »

Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by Honza at 2015-06-28 16:51:53 Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: admin & Honza)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)

HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad

2015-06-25 23:38 - 2015-06-25 23:38 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Honza\Downloads\mbam-setup-2.1.6.1022.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18 116648]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value removed successfully
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value removed successfully
HKU\S-1-5-21-246204125-3151204470-2281823484-1002\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value removed successfully
C:\Users\Honza\Downloads\mbam-setup-2.1.6.1022.exe => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
gupdate => Service removed successfully
gupdatem => Service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 576 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 16:52:30 ====
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zpomalený počítač

#14 Příspěvek od Márty84 »

:!: Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

:arrow:
vyosek píše: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

:arrow: Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




:arrow: Pak napiste, jak je na tom pc.




18.7. pro neaktivitu :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“