
Virus-infected laptop
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
please help me with a virus-infected laptop.
Thanks
Danča
Logfile of random's system information tool 1.10 (written by random/random)
Run by Daniela at 2015-12-26 12:53:03
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 302 GB (69%) free of 435 GB
Total RAM: 3978 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:53:19, on 26. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\plugin.exe
C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\3\plugin.exe
C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\12\plugin.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Daniela\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Daniela.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 82DAC4A1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://unstopp.me/wpad.dat?233f6bf4b580 ... 4222627204
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Discover Treasure - {bfa55139-82af-4663-a19b-e135dac8d043} - C:\Program Files (x86)\Discover Treasure\Extensions\bfa55139-82af-4663-a19b-e135dac8d043.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKCU\..\Run: [Pokki] "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BingSvc] C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Service Mgr DiscoverTreasure - Unknown owner - C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugincontainer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Mgr DiscoverTreasure - Unknown owner - C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe
O23 - Service: USBBKSvc - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe
O23 - Service: @oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\windows\System32\valWBFPolicyService.exe (file missing)
O23 - Service: BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\windows\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 10864 bytes
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bfa55139-82af-4663-a19b-e135dac8d043}]
Discover Treasure - C:\Program Files (x86)\Discover Treasure\Extensions\bfa55139-82af-4663-a19b-e135dac8d043.dll [2015-12-15 144072]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=C:\Users\Daniela\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [2014-10-11 6513480]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2014-03-31 4272840]
"BingSvc"=C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-12-09 144008]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-11-30 50509440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-12-26 12:53:04 ----D---- C:\Program Files (x86)\trend micro
2015-12-26 12:53:03 ----D---- C:\rsit
2015-12-26 12:26:36 ----A---- C:\windows\ntbtlog.txt
2015-12-21 14:16:08 ----A---- C:\windows\SysWOW64\aspnet_counters.dll
2015-12-15 23:33:20 ----D---- C:\Program Files (x86)\SimpleFiles
2015-12-15 23:15:08 ----D---- C:\Users\Daniela\AppData\Roaming\SimpleFiles
2015-12-15 23:14:31 ----D---- C:\ProgramData\Tmp0x0x
2015-12-15 23:14:31 ----D---- C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77
2015-12-15 23:14:31 ----D---- C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77
2015-12-15 23:14:29 ----D---- C:\Program Files (x86)\Discover Treasure
2015-12-10 18:19:34 ----D---- C:\Users\Daniela\AppData\Roaming\Maxthon3
2015-12-09 10:20:09 ----A---- C:\windows\SysWOW64\schannel.dll
2015-12-09 10:20:09 ----A---- C:\windows\SysWOW64\ncryptsslp.dll
2015-12-09 10:20:09 ----A---- C:\windows\SysWOW64\bcryptprimitives.dll
2015-12-09 10:20:08 ----A---- C:\windows\SysWOW64\ncrypt.dll
2015-12-09 10:19:45 ----A---- C:\windows\SysWOW64\untfs.dll
2015-12-09 10:19:40 ----A---- C:\windows\SysWOW64\gdi32.dll
2015-12-09 10:17:47 ----A---- C:\windows\SysWOW64\mshtml.dll
2015-12-09 10:17:26 ----A---- C:\windows\SysWOW64\jscript9.dll
2015-12-09 10:17:25 ----A---- C:\windows\SysWOW64\ieframe.dll
2015-12-09 10:17:23 ----A---- C:\windows\SysWOW64\wininet.dll
2015-12-09 10:17:23 ----A---- C:\windows\SysWOW64\vbscript.dll
2015-12-09 10:17:23 ----A---- C:\windows\SysWOW64\ieui.dll
2015-12-09 10:17:21 ----A---- C:\windows\SysWOW64\msfeeds.dll
2015-12-09 10:17:20 ----A---- C:\windows\SysWOW64\urlmon.dll
2015-12-09 10:17:20 ----A---- C:\windows\SysWOW64\iertutil.dll
2015-12-09 10:17:19 ----A---- C:\windows\SysWOW64\actxprxy.dll
2015-12-09 10:17:17 ----A---- C:\windows\SysWOW64\jscript.dll
2015-12-09 10:17:17 ----A---- C:\windows\SysWOW64\inetcomm.dll
2015-12-09 10:17:16 ----A---- C:\windows\SysWOW64\webcheck.dll
2015-12-09 10:17:16 ----A---- C:\windows\SysWOW64\iedkcs32.dll
2015-12-09 10:17:16 ----A---- C:\windows\SysWOW64\ieapfltr.dll
2015-12-09 10:17:16 ----A---- C:\windows\SysWOW64\dxtrans.dll
2015-12-09 10:17:15 ----A---- C:\windows\SysWOW64\MshtmlDac.dll
2015-12-09 10:17:15 ----A---- C:\windows\SysWOW64\iepeers.dll
2015-12-09 10:16:51 ----A---- C:\windows\SysWOW64\Windows.Globalization.dll
2015-12-09 10:16:50 ----A---- C:\windows\SysWOW64\kbdgeoqw.dll
2015-12-09 10:16:50 ----A---- C:\windows\SysWOW64\KBDAZST.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SysWOW64\KBDAZEL.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SysWOW64\KBDAZE.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SysWOW64\GlobCollationHost.dll
2015-12-09 10:12:56 ----A---- C:\windows\SysWOW64\certcli.dll
2015-12-09 10:11:26 ----A---- C:\windows\SysWOW64\ntvdm64.dll
2015-12-09 10:11:26 ----A---- C:\windows\SysWOW64\ntdll.dll
2015-12-09 10:11:26 ----A---- C:\windows\SysWOW64\comsvcs.dll
2015-12-09 10:11:26 ----A---- C:\windows\SysWOW64\catsrvut.dll
2015-12-09 10:11:21 ----A---- C:\windows\SysWOW64\puiobj.dll
2015-12-09 10:10:47 ----A---- C:\windows\SysWOW64\DWrite.dll
2015-12-09 10:10:46 ----A---- C:\windows\SysWOW64\user32.dll
2015-12-09 10:10:46 ----A---- C:\windows\SysWOW64\GdiPlus.dll
2015-12-09 10:10:30 ----A---- C:\windows\SysWOW64\kerberos.dll
2015-12-09 10:10:19 ----A---- C:\windows\SysWOW64\msctf.dll
2015-12-09 10:10:17 ----A---- C:\windows\SysWOW64\authui.dll
2015-12-09 10:10:14 ----A---- C:\windows\SysWOW64\PCPKsp.dll
2015-12-09 10:10:06 ----A---- C:\windows\SysWOW64\wuapi.dll
2015-12-09 10:10:05 ----A---- C:\windows\SysWOW64\wuwebv.dll
2015-12-09 10:10:05 ----A---- C:\windows\SysWOW64\wudriver.dll
2015-12-09 10:10:05 ----A---- C:\windows\SysWOW64\wuapp.exe
2015-12-09 10:09:45 ----A---- C:\windows\SysWOW64\nshwfp.dll
2015-12-09 10:09:45 ----A---- C:\windows\SysWOW64\FWPUCLNT.DLL
======List of files/folders modified in the last 1 month======
2015-12-26 12:53:10 ----D---- C:\windows\Prefetch
2015-12-26 12:53:04 ----RD---- C:\Program Files (x86)
2015-12-26 12:44:35 ----D---- C:\windows\Temp
2015-12-26 12:43:19 ----D---- C:\ProgramData\LU
2015-12-26 12:38:17 ----D---- C:\windows\System32
2015-12-26 12:38:16 ----D---- C:\windows\Inf
2015-12-26 12:35:32 ----D---- C:\Users\Daniela\AppData\Roaming\Skype
2015-12-26 12:33:06 ----D---- C:\ProgramData\Validity
2015-12-26 12:26:36 ----AD---- C:\Windows
2015-12-26 11:46:56 ----D---- C:\ProgramData\McAfee
2015-12-26 11:46:56 ----D---- C:\Program Files (x86)\Common Files
2015-12-26 11:46:54 ----RD---- C:\Program Files
2015-12-26 11:44:10 ----HD---- C:\windows\ELAMBKUP
2015-12-26 11:43:35 ----RSD---- C:\windows\assembly
2015-12-26 01:29:20 ----D---- C:\windows\rescache
2015-12-26 01:25:41 ----SHD---- C:\System Volume Information
2015-12-26 00:27:39 ----D---- C:\windows\Microsoft.NET
2015-12-25 23:55:17 ----D---- C:\windows\WinSxS
2015-12-24 03:03:32 ----D---- C:\windows\CbsTemp
2015-12-22 20:02:49 ----D---- C:\windows\SysWOW64
2015-12-18 20:18:59 ----SD---- C:\windows\SysWOW64\GWX
2015-12-18 11:04:37 ----HD---- C:\ProgramData
2015-12-12 22:22:58 ----D---- C:\windows\apppatch
2015-12-10 18:20:33 ----SHD---- C:\windows\Installer
2015-12-10 18:20:33 ----D---- C:\ProgramData\Skype
2015-12-09 22:57:44 ----D---- C:\windows\SysWOW64\cs-CZ
2015-12-09 22:57:43 ----D---- C:\windows\SysWOW64\en-US
2015-12-09 22:57:42 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-09 22:57:41 ----RSD---- C:\windows\Fonts
2015-12-09 22:57:38 ----RD---- C:\windows\ToastData
2015-12-09 10:59:57 ----D---- C:\windows\AppReadiness
2015-12-09 09:53:37 ----D---- C:\windows\Tasks
2015-12-01 18:19:27 ----A---- C:\windows\SysWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 LubSec;LubSec; C:\windows\System32\Drivers\LubSec.sys []
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys []
R1 SMIDriver;SMIDriver; C:\windows\system32\drivers\smi.sys []
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys []
R3 ACPIVPC;@oem37.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys []
R3 athr;@oem13.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athwbx.sys []
R3 BTATH_BUS;@oem29.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\windows\System32\drivers\btath_bus.sys []
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys []
R3 ETD;@oem12.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys []
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys []
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys []
R3 RSP2STOR;@oem10.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\windows\system32\DRIVERS\RtsP2Stor.sys []
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys []
R3 rtsuvc;@oem19.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys []
R3 TXEIx64;@oem4.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys []
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys []
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys []
S2 LubFsFlt;LubFsFlt; \??\C:\windows\System32\Drivers\LubFsFlt.sys []
S3 AthBTPort;@oem32.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys []
S3 BTATH_A2DP;@oem31.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys []
S3 btath_avdt;@oem31.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys []
S3 BTATH_HCRP;@oem34.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\windows\System32\drivers\btath_hcrp.sys []
S3 BTATH_LWFLT;@oem36.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;@oem38.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\windows\System32\drivers\btath_rcp.sys []
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys []
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys []
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys []
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys []
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys []
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys []
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-12-24 318592]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 33088]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-09 99632]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe []
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-12-09 1872808]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-12-21 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 Service Mgr DiscoverTreasure;Service Mgr DiscoverTreasure; C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugincontainer.exe [2015-12-26 780512]
R2 Update Mgr DiscoverTreasure;Update Mgr DiscoverTreasure; C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe [2015-12-26 639712]
R2 USBBKSvc;USBBKSvc; C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe [2013-12-25 35824]
R2 valWBFPolicyService;@oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service; C:\windows\System32\valWBFPolicyService.exe []
R2 valWbioSyncSvc;BiometricSensorDataSynchronization; C:\windows\system32\valWbioSyncSvc.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 33088]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-06 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22 107848]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-03-09 272440]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-12-21 305136]
-----------------EOF-----------------
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Service Mgr DiscoverTreasure - Unknown owner - C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugincontainer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Mgr DiscoverTreasure - Unknown owner - C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe
O23 - Service: USBBKSvc - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe
O23 - Service: @oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\windows\System32\valWBFPolicyService.exe (file missing)
O23 - Service: BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\windows\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 10864 bytes
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bfa55139-82af-4663-a19b-e135dac8d043}]
Discover Treasure - C:\Program Files (x86)\Discover Treasure\Extensions\bfa55139-82af-4663-a19b-e135dac8d043.dll [2015-12-15 144072]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=C:\Users\Daniela\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [2014-10-11 6513480]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2014-03-31 4272840]
"BingSvc"=C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-12-09 144008]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-11-30 50509440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-12-26 12:53:04 ----D---- C:\Program Files (x86)\trend micro
2015-12-26 12:53:03 ----D---- C:\rsit
2015-12-26 12:26:36 ----A---- C:\windows\ntbtlog.txt
2015-12-21 14:16:08 ----A---- C:\windows\SysWOW64\aspnet_counters.dll
2015-12-15 23:33:20 ----D---- C:\Program Files (x86)\SimpleFiles
2015-12-15 23:15:08 ----D---- C:\Users\Daniela\AppData\Roaming\SimpleFiles
2015-12-15 23:14:31 ----D---- C:\ProgramData\Tmp0x0x
2015-12-15 23:14:31 ----D---- C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77
2015-12-15 23:14:31 ----D---- C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77
2015-12-15 23:14:29 ----D---- C:\Program Files (x86)\Discover Treasure
2015-12-10 18:19:34 ----D---- C:\Users\Daniela\AppData\Roaming\Maxthon3
2015-12-09 10:20:09 ----A---- C:\windows\SysWOW64\schannel.dll
2015-12-09 10:20:09 ----A---- C:\windows\SysWOW64\ncryptsslp.dll
2015-12-09 10:20:09 ----A---- C:\windows\SysWOW64\bcryptprimitives.dll
2015-12-09 10:20:08 ----A---- C:\windows\SysWOW64\ncrypt.dll
2015-12-09 10:19:45 ----A---- C:\windows\SysWOW64\untfs.dll
2015-12-09 10:19:40 ----A---- C:\windows\SysWOW64\gdi32.dll
2015-12-09 10:17:47 ----A---- C:\windows\SysWOW64\mshtml.dll
2015-12-09 10:17:26 ----A---- C:\windows\SysWOW64\jscript9.dll
2015-12-09 10:17:25 ----A---- C:\windows\SysWOW64\ieframe.dll
2015-12-09 10:17:23 ----A---- C:\windows\SysWOW64\wininet.dll
2015-12-09 10:17:23 ----A---- C:\windows\SysWOW64\vbscript.dll
2015-12-09 10:17:23 ----A---- C:\windows\SysWOW64\ieui.dll
2015-12-09 10:17:21 ----A---- C:\windows\SysWOW64\msfeeds.dll
2015-12-09 10:17:20 ----A---- C:\windows\SysWOW64\urlmon.dll
2015-12-09 10:17:20 ----A---- C:\windows\SysWOW64\iertutil.dll
2015-12-09 10:17:19 ----A---- C:\windows\SysWOW64\actxprxy.dll
2015-12-09 10:17:17 ----A---- C:\windows\SysWOW64\jscript.dll
2015-12-09 10:17:17 ----A---- C:\windows\SysWOW64\inetcomm.dll
2015-12-09 10:17:16 ----A---- C:\windows\SysWOW64\webcheck.dll
2015-12-09 10:17:16 ----A---- C:\windows\SysWOW64\iedkcs32.dll
2015-12-09 10:17:16 ----A---- C:\windows\SysWOW64\ieapfltr.dll
2015-12-09 10:17:16 ----A---- C:\windows\SysWOW64\dxtrans.dll
2015-12-09 10:17:15 ----A---- C:\windows\SysWOW64\MshtmlDac.dll
2015-12-09 10:17:15 ----A---- C:\windows\SysWOW64\iepeers.dll
2015-12-09 10:16:51 ----A---- C:\windows\SysWOW64\Windows.Globalization.dll
2015-12-09 10:16:50 ----A---- C:\windows\SysWOW64\kbdgeoqw.dll
2015-12-09 10:16:50 ----A---- C:\windows\SysWOW64\KBDAZST.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SysWOW64\KBDAZEL.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SysWOW64\KBDAZE.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SysWOW64\GlobCollationHost.dll
2015-12-09 10:12:56 ----A---- C:\windows\SysWOW64\certcli.dll
2015-12-09 10:11:26 ----A---- C:\windows\SysWOW64\ntvdm64.dll
2015-12-09 10:11:26 ----A---- C:\windows\SysWOW64\ntdll.dll
2015-12-09 10:11:26 ----A---- C:\windows\SysWOW64\comsvcs.dll
2015-12-09 10:11:26 ----A---- C:\windows\SysWOW64\catsrvut.dll
2015-12-09 10:11:21 ----A---- C:\windows\SysWOW64\puiobj.dll
2015-12-09 10:10:47 ----A---- C:\windows\SysWOW64\DWrite.dll
2015-12-09 10:10:46 ----A---- C:\windows\SysWOW64\user32.dll
2015-12-09 10:10:46 ----A---- C:\windows\SysWOW64\GdiPlus.dll
2015-12-09 10:10:30 ----A---- C:\windows\SysWOW64\kerberos.dll
2015-12-09 10:10:19 ----A---- C:\windows\SysWOW64\msctf.dll
2015-12-09 10:10:17 ----A---- C:\windows\SysWOW64\authui.dll
2015-12-09 10:10:14 ----A---- C:\windows\SysWOW64\PCPKsp.dll
2015-12-09 10:10:06 ----A---- C:\windows\SysWOW64\wuapi.dll
2015-12-09 10:10:05 ----A---- C:\windows\SysWOW64\wuwebv.dll
2015-12-09 10:10:05 ----A---- C:\windows\SysWOW64\wudriver.dll
2015-12-09 10:10:05 ----A---- C:\windows\SysWOW64\wuapp.exe
2015-12-09 10:09:45 ----A---- C:\windows\SysWOW64\nshwfp.dll
2015-12-09 10:09:45 ----A---- C:\windows\SysWOW64\FWPUCLNT.DLL
======List of files/folders modified in the last 1 month======
2015-12-26 12:53:10 ----D---- C:\windows\Prefetch
2015-12-26 12:53:04 ----RD---- C:\Program Files (x86)
2015-12-26 12:44:35 ----D---- C:\windows\Temp
2015-12-26 12:43:19 ----D---- C:\ProgramData\LU
2015-12-26 12:38:17 ----D---- C:\windows\System32
2015-12-26 12:38:16 ----D---- C:\windows\Inf
2015-12-26 12:35:32 ----D---- C:\Users\Daniela\AppData\Roaming\Skype
2015-12-26 12:33:06 ----D---- C:\ProgramData\Validity
2015-12-26 12:26:36 ----AD---- C:\Windows
2015-12-26 11:46:56 ----D---- C:\ProgramData\McAfee
2015-12-26 11:46:56 ----D---- C:\Program Files (x86)\Common Files
2015-12-26 11:46:54 ----RD---- C:\Program Files
2015-12-26 11:44:10 ----HD---- C:\windows\ELAMBKUP
2015-12-26 11:43:35 ----RSD---- C:\windows\assembly
2015-12-26 01:29:20 ----D---- C:\windows\rescache
2015-12-26 01:25:41 ----SHD---- C:\System Volume Information
2015-12-26 00:27:39 ----D---- C:\windows\Microsoft.NET
2015-12-25 23:55:17 ----D---- C:\windows\WinSxS
2015-12-24 03:03:32 ----D---- C:\windows\CbsTemp
2015-12-22 20:02:49 ----D---- C:\windows\SysWOW64
2015-12-18 20:18:59 ----SD---- C:\windows\SysWOW64\GWX
2015-12-18 11:04:37 ----HD---- C:\ProgramData
2015-12-12 22:22:58 ----D---- C:\windows\apppatch
2015-12-10 18:20:33 ----SHD---- C:\windows\Installer
2015-12-10 18:20:33 ----D---- C:\ProgramData\Skype
2015-12-09 22:57:44 ----D---- C:\windows\SysWOW64\cs-CZ
2015-12-09 22:57:43 ----D---- C:\windows\SysWOW64\en-US
2015-12-09 22:57:42 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-09 22:57:41 ----RSD---- C:\windows\Fonts
2015-12-09 22:57:38 ----RD---- C:\windows\ToastData
2015-12-09 10:59:57 ----D---- C:\windows\AppReadiness
2015-12-09 09:53:37 ----D---- C:\windows\Tasks
2015-12-01 18:19:27 ----A---- C:\windows\SysWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 LubSec;LubSec; C:\windows\System32\Drivers\LubSec.sys []
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys []
R1 SMIDriver;SMIDriver; C:\windows\system32\drivers\smi.sys []
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys []
R3 ACPIVPC;@oem37.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys []
R3 athr;@oem13.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athwbx.sys []
R3 BTATH_BUS;@oem29.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\windows\System32\drivers\btath_bus.sys []
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys []
R3 ETD;@oem12.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys []
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys []
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys []
R3 RSP2STOR;@oem10.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\windows\system32\DRIVERS\RtsP2Stor.sys []
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys []
R3 rtsuvc;@oem19.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys []
R3 TXEIx64;@oem4.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys []
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys []
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys []
S2 LubFsFlt;LubFsFlt; \??\C:\windows\System32\Drivers\LubFsFlt.sys []
S3 AthBTPort;@oem32.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys []
S3 BTATH_A2DP;@oem31.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys []
S3 btath_avdt;@oem31.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys []
S3 BTATH_HCRP;@oem34.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\windows\System32\drivers\btath_hcrp.sys []
S3 BTATH_LWFLT;@oem36.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;@oem38.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\windows\System32\drivers\btath_rcp.sys []
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys []
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys []
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys []
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys []
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys []
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys []
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-12-24 318592]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 33088]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-09 99632]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe []
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-12-09 1872808]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-12-21 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 Service Mgr DiscoverTreasure;Service Mgr DiscoverTreasure; C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugincontainer.exe [2015-12-26 780512]
R2 Update Mgr DiscoverTreasure;Update Mgr DiscoverTreasure; C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe [2015-12-26 639712]
R2 USBBKSvc;USBBKSvc; C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe [2013-12-25 35824]
R2 valWBFPolicyService;@oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service; C:\windows\System32\valWBFPolicyService.exe []
R2 valWbioSyncSvc;BiometricSensorDataSynchronization; C:\windows\system32\valWbioSyncSvc.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 33088]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-06 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22 107848]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-03-09 272440]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-12-21 305136]
-----------------EOF-----------------
Re: Infected laptop
Hello,
You have a 64-bit system, so please post a log from RSITx64 http://images.malwareremoval.com/random/RSITx64.exe
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).
Re: Infected laptop
Here it is:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Daniela at 2015-12-26 22:03:17
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 301 GB (69%) free of 435 GB
Total RAM: 3978 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:03:26, on 26. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\windows\syswow64\wwahost.exe
C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\12\plugin.exe
C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\plugin.exe
C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\3\plugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Daniela.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 82DAC4A1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://unstopp.me/wpad.dat?233f6bf4b580 ... 4222627204
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Discover Treasure - {bfa55139-82af-4663-a19b-e135dac8d043} - C:\Program Files (x86)\Discover Treasure\Extensions\bfa55139-82af-4663-a19b-e135dac8d043.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKCU\..\Run: [Pokki] "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BingSvc] C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Service Mgr DiscoverTreasure - Unknown owner - C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugincontainer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Mgr DiscoverTreasure - Unknown owner - C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe
O23 - Service: USBBKSvc - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe
O23 - Service: @oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\windows\System32\valWBFPolicyService.exe (file missing)
O23 - Service: BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\windows\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 10626 bytes
======Listing Processes======
wininit.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1e6c3b0f-ddca-4402-b7c8-24be247d3261 -SystemEventPortName:HostProcess-8baa9a4c-8ad9-40a3-b3e1-23f9682db3e9 -IoCancelEventPortName:HostProcess-5b65ceb9-cce0-4dd7-94e0-84c20d4dfbf1 -NonStateChangingEventPortName:HostProcess-093a6388-e8fd-4d72-a2eb-eb5a2ef8c002 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2e7716c1-e792-4220-a08e-47f27999f4fe -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f8b1cdb2-c734-43ed-8360-756448c37031 -SystemEventPortName:HostProcess-f5524ea4-d5dd-4048-be55-9e09daa929e0 -IoCancelEventPortName:HostProcess-4938807d-7305-4760-b5bc-d6c8e704ef4f -NonStateChangingEventPortName:HostProcess-59b7277a-07e6-49c8-a67f-b33d13ac332f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ad50c825-99fa-4d99-8f89-d18ac79714ac -DeviceGroupId:WudfDefaultDevicePool
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
dashost.exe {94e80d73-0f75-4b52-b8e27e1474f647cc}
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe"
C:\windows\System32\valWBFPolicyService.exe
C:\windows\system32\valWbioSyncSvc.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe"
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 7769DF4F-6F68-0478-7191-BDC1917866FA -Reinvoke
adb fork-server server
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0xe20_0x16d0_0x58376782"
C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugincontainer.exe"
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\10\plugin.exe"
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\2\plugin.exe" u
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\8\plugin.exe" u
"C:\Program Files\Elantech\ETDCtrl.exe"
"c:\Program Files\Validity Sensors\Shared\SensorDBSynch.exe"
C:\windows\Explorer.EXE
\??\C:\windows\system32\conhost.exe 0x4
taskhostex.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\windows\syswow64\wwahost.exe" -ServerName:App.wwa
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Users\Daniela\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
"C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\5\plugin.exe" u
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\12\plugin.exe" u
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\12\plugin.exe"
"C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe"
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\3\plugin.exe" u
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\plugin.exe" u
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\plugin.exe"
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\3\plugin.exe"
taskhost.exe
C:\windows\system32\svchost.exe -k WbioSvcGroup
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4592 --on-initialized-event-handle=412 --parent-handle=416
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3372.0.1980722058\298327721" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,51 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StableHQPFrequencyBugFix_PrePeriod_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3372.2.1721089553\2117077374" --font-cache-shared-handle=2376 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StableHQPFrequencyBugFix_PrePeriod_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3372.4.2048353800\268296147" --font-cache-shared-handle=4860 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3372.6.555623885\1070624159" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --device-scale-factor=1 --font-cache-shared-handle=7180 --ignored=" --type=renderer " /prefetch:-632637702
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe22_ Global\UsGthrCtrlFltPipeMssGthrPipe22 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\Daniela\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bfa55139-82af-4663-a19b-e135dac8d043}]
Discover Treasure - C:\Program Files (x86)\Discover Treasure\Extensions\bfa55139-82af-4663-a19b-e135dac8d043.dll [2015-12-15 144072]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2014-03-06 391152]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2014-03-06 771568]
"Persistence"=C:\windows\system32\igfxpers.exe [2014-03-06 770544]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26 13672152]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-02-19 2892616]
"RtsFT"=C:\windows\RTFTrack.exe [2014-01-21 6340312]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-12-21 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-12-21 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-12-21 10973168]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=C:\Users\Daniela\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [2014-10-11 6513480]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2014-03-31 4272840]
"BingSvc"=C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-12-09 144008]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-11-30 50509440]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2014-01-16 624640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-12-26 22:03:17 ----D---- C:\rsit
2015-12-26 22:03:17 ----D---- C:\Program Files\trend micro
2015-12-26 16:33:16 ----D---- C:\Users\Daniela\AppData\Roaming\LolClient
2015-12-26 14:38:09 ----D---- C:\ProgramData\Riot Games
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\XAudio2_2.dll
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\XAPOFX1_1.dll
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\d3dx10_39.dll
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\D3DCompiler_39.dll
2015-12-26 14:37:02 ----A---- C:\windows\SYSWOW64\D3DX9_39.dll
2015-12-26 14:36:37 ----D---- C:\Riot Games
2015-12-26 14:30:40 ----D---- C:\Users\Daniela\AppData\Roaming\Riot Games
2015-12-26 12:53:04 ----D---- C:\Program Files (x86)\trend micro
2015-12-26 12:26:36 ----A---- C:\windows\ntbtlog.txt
2015-12-26 11:50:55 ----N---- C:\windows\system32\MpSigStub.exe
2015-12-21 14:16:11 ----A---- C:\windows\system32\aspnet_counters.dll
2015-12-21 14:16:08 ----A---- C:\windows\SYSWOW64\aspnet_counters.dll
2015-12-15 23:33:20 ----D---- C:\Program Files (x86)\SimpleFiles
2015-12-15 23:15:08 ----D---- C:\Users\Daniela\AppData\Roaming\SimpleFiles
2015-12-15 23:14:31 ----D---- C:\ProgramData\Tmp0x0x
2015-12-15 23:14:31 ----D---- C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77
2015-12-15 23:14:29 ----D---- C:\Program Files (x86)\Discover Treasure
2015-12-10 18:19:34 ----D---- C:\Users\Daniela\AppData\Roaming\Maxthon3
2015-12-09 11:12:59 ----A---- C:\windows\system32\invagent.dll
2015-12-09 11:12:59 ----A---- C:\windows\system32\devinv.dll
2015-12-09 11:12:59 ----A---- C:\windows\system32\appraiser.dll
2015-12-09 11:12:58 ----A---- C:\windows\system32\generaltel.dll
2015-12-09 11:12:58 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-12-09 11:12:58 ----A---- C:\windows\system32\aeinv.dll
2015-12-09 11:12:58 ----A---- C:\windows\system32\acmigration.dll
2015-12-09 10:20:13 ----A---- C:\windows\system32\drivers\tdx.sys
2015-12-09 10:20:13 ----A---- C:\windows\system32\drivers\afd.sys
2015-12-09 10:20:10 ----A---- C:\windows\system32\schannel.dll
2015-12-09 10:20:09 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-12-09 10:20:09 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll
2015-12-09 10:20:09 ----A---- C:\windows\SYSWOW64\bcryptprimitives.dll
2015-12-09 10:20:09 ----A---- C:\windows\system32\ncryptsslp.dll
2015-12-09 10:20:09 ----A---- C:\windows\system32\ncrypt.dll
2015-12-09 10:20:09 ----A---- C:\windows\system32\bcryptprimitives.dll
2015-12-09 10:20:08 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-12-09 10:19:46 ----A---- C:\windows\system32\AuthHost.exe
2015-12-09 10:19:45 ----A---- C:\windows\SYSWOW64\untfs.dll
2015-12-09 10:19:44 ----A---- C:\windows\system32\untfs.dll
2015-12-09 10:19:43 ----A---- C:\windows\system32\drivers\tunnel.sys
2015-12-09 10:19:42 ----AC---- C:\windows\system32\drivers\tpm.sys
2015-12-09 10:19:41 ----A---- C:\windows\system32\drivers\rmcast.sys
2015-12-09 10:19:40 ----A---- C:\windows\SYSWOW64\gdi32.dll
2015-12-09 10:19:40 ----A---- C:\windows\system32\gdi32.dll
2015-12-09 10:18:20 ----A---- C:\windows\system32\mshtml.dll
2015-12-09 10:17:47 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-12-09 10:17:29 ----A---- C:\windows\system32\jscript9.dll
2015-12-09 10:17:28 ----A---- C:\windows\system32\ieframe.dll
2015-12-09 10:17:26 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-12-09 10:17:25 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-12-09 10:17:24 ----A---- C:\windows\system32\wininet.dll
2015-12-09 10:17:23 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-12-09 10:17:23 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-12-09 10:17:23 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-12-09 10:17:23 ----A---- C:\windows\system32\vbscript.dll
2015-12-09 10:17:23 ----A---- C:\windows\system32\ieui.dll
2015-12-09 10:17:22 ----A---- C:\windows\system32\urlmon.dll
2015-12-09 10:17:22 ----A---- C:\windows\system32\iertutil.dll
2015-12-09 10:17:21 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-12-09 10:17:21 ----A---- C:\windows\system32\jscript.dll
2015-12-09 10:17:20 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-12-09 10:17:20 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-12-09 10:17:20 ----A---- C:\windows\system32\msfeeds.dll
2015-12-09 10:17:19 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2015-12-09 10:17:17 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-12-09 10:17:17 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2015-12-09 10:17:17 ----A---- C:\windows\system32\inetcomm.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\webcheck.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\webcheck.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\mshtmled.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\iepeers.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\iedkcs32.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\ieapfltr.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\ie4uinit.exe
2015-12-09 10:17:16 ----A---- C:\windows\system32\dxtrans.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\actxprxy.dll
2015-12-09 10:17:15 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-12-09 10:17:15 ----A---- C:\windows\SYSWOW64\iepeers.dll
2015-12-09 10:16:52 ----A---- C:\windows\system32\Windows.Globalization.dll
2015-12-09 10:16:51 ----A---- C:\windows\SYSWOW64\Windows.Globalization.dll
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\kbdgeoqw.dll
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\KBDAZST.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\KBDAZEL.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\KBDAZE.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\GlobCollationHost.dll
2015-12-09 10:16:50 ----A---- C:\windows\system32\kbdgeoqw.dll
2015-12-09 10:16:50 ----A---- C:\windows\system32\KBDAZST.DLL
2015-12-09 10:16:50 ----A---- C:\windows\system32\KBDAZEL.DLL
2015-12-09 10:16:50 ----A---- C:\windows\system32\KBDAZE.DLL
2015-12-09 10:16:50 ----A---- C:\windows\system32\GlobCollationHost.dll
2015-12-09 10:12:57 ----A---- C:\windows\system32\lsasrv.dll
2015-12-09 10:12:56 ----A---- C:\windows\SYSWOW64\certcli.dll
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\cng.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\dpapisrv.dll
2015-12-09 10:12:56 ----A---- C:\windows\system32\certcli.dll
2015-12-09 10:11:27 ----A---- C:\windows\system32\winresume.exe
2015-12-09 10:11:27 ----A---- C:\windows\system32\winload.exe
2015-12-09 10:11:27 ----A---- C:\windows\system32\ntoskrnl.exe
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\comsvcs.dll
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\catsrvut.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\ntvdm64.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\ntdll.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\comsvcs.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\catsrvut.dll
2015-12-09 10:11:22 ----A---- C:\windows\system32\localspl.dll
2015-12-09 10:11:21 ----A---- C:\windows\SYSWOW64\puiobj.dll
2015-12-09 10:11:21 ----A---- C:\windows\system32\puiobj.dll
2015-12-09 10:10:49 ----A---- C:\windows\system32\win32k.sys
2015-12-09 10:10:48 ----A---- C:\windows\system32\user32.dll
2015-12-09 10:10:48 ----A---- C:\windows\system32\FntCache.dll
2015-12-09 10:10:48 ----A---- C:\windows\system32\DWrite.dll
2015-12-09 10:10:47 ----A---- C:\windows\SYSWOW64\DWrite.dll
2015-12-09 10:10:47 ----A---- C:\windows\system32\GdiPlus.dll
2015-12-09 10:10:46 ----A---- C:\windows\SYSWOW64\user32.dll
2015-12-09 10:10:46 ----A---- C:\windows\SYSWOW64\GdiPlus.dll
2015-12-09 10:10:41 ----A---- C:\windows\system32\fveapi.dll
2015-12-09 10:10:41 ----A---- C:\windows\system32\bdesvc.dll
2015-12-09 10:10:30 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-12-09 10:10:30 ----A---- C:\windows\system32\kerberos.dll
2015-12-09 10:10:20 ----A---- C:\windows\system32\msctf.dll
2015-12-09 10:10:19 ----A---- C:\windows\SYSWOW64\msctf.dll
2015-12-09 10:10:17 ----A---- C:\windows\SYSWOW64\authui.dll
2015-12-09 10:10:17 ----A---- C:\windows\system32\authui.dll
2015-12-09 10:10:14 ----A---- C:\windows\SYSWOW64\PCPKsp.dll
2015-12-09 10:10:13 ----A---- C:\windows\system32\PCPKsp.dll
2015-12-09 10:10:12 ----A---- C:\windows\system32\winlogon.exe
2015-12-09 10:10:12 ----A---- C:\windows\system32\wininit.exe
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\winusb.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbuhci.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbport.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbohci.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\USBHUB3.SYS
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbhub.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbehci.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbd.sys
2015-12-09 10:10:06 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-12-09 10:10:06 ----A---- C:\windows\system32\wuaueng.dll
2015-12-09 10:10:06 ----A---- C:\windows\system32\wuapi.dll
2015-12-09 10:10:05 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-12-09 10:10:05 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-12-09 10:10:05 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-12-09 10:10:05 ----A---- C:\windows\system32\wuwebv.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\WUSettingsProvider.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wups2.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wudriver.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wucltux.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wuauclt.exe
2015-12-09 10:10:05 ----A---- C:\windows\system32\wuapp.exe
2015-12-09 10:09:45 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2015-12-09 10:09:45 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2015-12-09 10:09:45 ----A---- C:\windows\system32\nshwfp.dll
2015-12-09 10:09:45 ----A---- C:\windows\system32\IKEEXT.DLL
2015-12-09 10:09:45 ----A---- C:\windows\system32\FWPUCLNT.DLL
2015-12-09 10:09:45 ----A---- C:\windows\system32\drivers\wfplwfs.sys
2015-12-09 10:09:45 ----A---- C:\windows\system32\BFE.DLL
======List of files/folders modified in the last 1 month======
2015-12-26 22:03:24 ----D---- C:\windows\Prefetch
2015-12-26 22:03:17 ----RD---- C:\Program Files
2015-12-26 22:00:35 ----D---- C:\windows\system32\sru
2015-12-26 18:31:51 ----D---- C:\windows\Temp
2015-12-26 18:31:02 ----SHD---- C:\windows\Installer
2015-12-26 15:32:55 ----D---- C:\windows\Inf
2015-12-26 14:38:09 ----HD---- C:\ProgramData
2015-12-26 14:37:03 ----D---- C:\windows\SysWOW64
2015-12-26 14:36:39 ----D---- C:\windows\Tasks
2015-12-26 14:35:02 ----D---- C:\windows\system32\config
2015-12-26 14:32:52 ----D---- C:\windows\WinSxS
2015-12-26 14:31:47 ----SHD---- C:\System Volume Information
2015-12-26 14:29:31 ----D---- C:\Users\Daniela\AppData\Roaming\Skype
2015-12-26 12:53:04 ----RD---- C:\Program Files (x86)
2015-12-26 12:43:20 ----D---- C:\ProgramData\LU
2015-12-26 12:38:17 ----RAD---- C:\windows\System32
2015-12-26 12:38:17 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-12-26 12:33:06 ----D---- C:\ProgramData\Validity
2015-12-26 12:26:36 ----AD---- C:\Windows
2015-12-26 11:46:56 ----D---- C:\ProgramData\McAfee
2015-12-26 11:46:56 ----D---- C:\Program Files\Common Files
2015-12-26 11:46:56 ----D---- C:\Program Files (x86)\Common Files
2015-12-26 11:44:13 ----D---- C:\windows\system32\drivers
2015-12-26 11:44:10 ----HD---- C:\windows\ELAMBKUP
2015-12-26 11:43:38 ----D---- C:\windows\system32\Tasks
2015-12-26 11:43:35 ----RSD---- C:\windows\assembly
2015-12-26 01:29:20 ----D---- C:\windows\rescache
2015-12-26 00:27:39 ----D---- C:\windows\Microsoft.NET
2015-12-24 03:03:32 ----D---- C:\windows\CbsTemp
2015-12-18 20:18:59 ----SD---- C:\windows\SYSWOW64\GWX
2015-12-18 20:18:59 ----SD---- C:\windows\system32\GWX
2015-12-16 12:14:58 ----D---- C:\windows\system32\GroupPolicy
2015-12-14 21:57:03 ----D---- C:\windows\system32\DriverStore
2015-12-14 21:49:46 ----D---- C:\windows\system32\catroot2
2015-12-12 22:22:58 ----SD---- C:\windows\system32\CompatTel
2015-12-12 22:22:58 ----D---- C:\windows\system32\appraiser
2015-12-12 22:22:58 ----D---- C:\windows\apppatch
2015-12-10 18:20:33 ----D---- C:\ProgramData\Skype
2015-12-09 22:57:47 ----D---- C:\windows\system32\Boot
2015-12-09 22:57:44 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-12-09 22:57:43 ----D---- C:\windows\SYSWOW64\en-US
2015-12-09 22:57:43 ----D---- C:\windows\system32\en-US
2015-12-09 22:57:43 ----D---- C:\windows\system32\cs-CZ
2015-12-09 22:57:42 ----D---- C:\Program Files\Internet Explorer
2015-12-09 22:57:42 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-09 22:57:41 ----RSD---- C:\windows\Fonts
2015-12-09 22:57:38 ----RD---- C:\windows\ToastData
2015-12-09 10:59:57 ----D---- C:\windows\AppReadiness
2015-12-09 10:59:56 ----HD---- C:\Program Files\WindowsApps
2015-12-09 10:50:25 ----D---- C:\windows\system32\MRT
2015-12-01 18:19:27 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 LubSec;LubSec; C:\windows\System32\Drivers\LubSec.sys [2014-02-22 45304]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 SMIDriver;SMIDriver; C:\windows\system32\drivers\smi.sys [2014-01-22 19760]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 ACPIVPC;@oem37.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-12-21 35576]
R3 athr;@oem13.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athwbx.sys [2013-12-12 3881472]
R3 BTATH_BUS;@oem29.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\windows\System32\drivers\btath_bus.sys [2013-12-24 34384]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2013-12-24 597192]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 ETD;@oem12.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-02-18 377608]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-01-16 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-05-26 3975128]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-01-16 450520]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 RSP2STOR;@oem10.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\windows\system32\DRIVERS\RtsP2Stor.sys [2013-09-24 290520]
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 rtsuvc;@oem19.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-01-21 9105624]
R3 TXEIx64;@oem4.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2013-07-02 87568]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys [2015-04-08 80160]
S2 LubFsFlt;LubFsFlt; \??\C:\windows\System32\Drivers\LubFsFlt.sys [2014-02-22 27384]
S3 AthBTPort;@oem32.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2013-12-24 89800]
S3 BTATH_A2DP;@oem31.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2013-12-24 338120]
S3 btath_avdt;@oem31.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2013-12-24 116424]
S3 BTATH_HCRP;@oem34.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\windows\System32\drivers\btath_hcrp.sys [2013-12-24 179432]
S3 BTATH_LWFLT;@oem36.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2013-12-24 77464]
S3 BTATH_RCP;@oem38.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\windows\System32\drivers\btath_rcp.sys [2013-12-24 137928]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-12-24 318592]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-09 99632]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-12-21 198192]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-12-09 1872808]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-12-21 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 Service Mgr DiscoverTreasure;Service Mgr DiscoverTreasure; C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugincontainer.exe [2015-12-26 779488]
R2 Update Mgr DiscoverTreasure;Update Mgr DiscoverTreasure; C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe [2015-12-26 632032]
R2 USBBKSvc;USBBKSvc; C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe [2013-12-25 35824]
R2 valWBFPolicyService;@oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service; C:\windows\System32\valWBFPolicyService.exe [2014-01-17 46992]
R2 valWbioSyncSvc;BiometricSensorDataSynchronization; C:\windows\system32\valWbioSyncSvc.exe [2014-01-17 32256]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-06 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22 107848]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-03-09 272440]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-12-21 305136]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Daniela at 2015-12-26 22:03:17
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 301 GB (69%) free of 435 GB
Total RAM: 3978 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:03:26, on 26. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\windows\syswow64\wwahost.exe
C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\12\plugin.exe
C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\plugin.exe
C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\3\plugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Daniela.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 82DAC4A1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://unstopp.me/wpad.dat?233f6bf4b580 ... 4222627204
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Discover Treasure - {bfa55139-82af-4663-a19b-e135dac8d043} - C:\Program Files (x86)\Discover Treasure\Extensions\bfa55139-82af-4663-a19b-e135dac8d043.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKCU\..\Run: [Pokki] "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BingSvc] C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Service Mgr DiscoverTreasure - Unknown owner - C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugincontainer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Mgr DiscoverTreasure - Unknown owner - C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe
O23 - Service: USBBKSvc - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe
O23 - Service: @oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\windows\System32\valWBFPolicyService.exe (file missing)
O23 - Service: BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\windows\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 10626 bytes
======Listing Processes======
wininit.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1e6c3b0f-ddca-4402-b7c8-24be247d3261 -SystemEventPortName:HostProcess-8baa9a4c-8ad9-40a3-b3e1-23f9682db3e9 -IoCancelEventPortName:HostProcess-5b65ceb9-cce0-4dd7-94e0-84c20d4dfbf1 -NonStateChangingEventPortName:HostProcess-093a6388-e8fd-4d72-a2eb-eb5a2ef8c002 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2e7716c1-e792-4220-a08e-47f27999f4fe -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f8b1cdb2-c734-43ed-8360-756448c37031 -SystemEventPortName:HostProcess-f5524ea4-d5dd-4048-be55-9e09daa929e0 -IoCancelEventPortName:HostProcess-4938807d-7305-4760-b5bc-d6c8e704ef4f -NonStateChangingEventPortName:HostProcess-59b7277a-07e6-49c8-a67f-b33d13ac332f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ad50c825-99fa-4d99-8f89-d18ac79714ac -DeviceGroupId:WudfDefaultDevicePool
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
dashost.exe {94e80d73-0f75-4b52-b8e27e1474f647cc}
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe"
C:\windows\System32\valWBFPolicyService.exe
C:\windows\system32\valWbioSyncSvc.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe"
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 7769DF4F-6F68-0478-7191-BDC1917866FA -Reinvoke
adb fork-server server
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0xe20_0x16d0_0x58376782"
C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugincontainer.exe"
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\10\plugin.exe"
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\2\plugin.exe" u
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\8\plugin.exe" u
"C:\Program Files\Elantech\ETDCtrl.exe"
"c:\Program Files\Validity Sensors\Shared\SensorDBSynch.exe"
C:\windows\Explorer.EXE
\??\C:\windows\system32\conhost.exe 0x4
taskhostex.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\windows\syswow64\wwahost.exe" -ServerName:App.wwa
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Users\Daniela\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
"C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\5\plugin.exe" u
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\12\plugin.exe" u
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\12\plugin.exe"
"C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe"
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\3\plugin.exe" u
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\plugin.exe" u
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\plugin.exe"
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\3\plugin.exe"
taskhost.exe
C:\windows\system32\svchost.exe -k WbioSvcGroup
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4592 --on-initialized-event-handle=412 --parent-handle=416
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3372.0.1980722058\298327721" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,51 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StableHQPFrequencyBugFix_PrePeriod_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3372.2.1721089553\2117077374" --font-cache-shared-handle=2376 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StableHQPFrequencyBugFix_PrePeriod_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3372.4.2048353800\268296147" --font-cache-shared-handle=4860 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3372.6.555623885\1070624159" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --device-scale-factor=1 --font-cache-shared-handle=7180 --ignored=" --type=renderer " /prefetch:-632637702
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe22_ Global\UsGthrCtrlFltPipeMssGthrPipe22 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\Daniela\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bfa55139-82af-4663-a19b-e135dac8d043}]
Discover Treasure - C:\Program Files (x86)\Discover Treasure\Extensions\bfa55139-82af-4663-a19b-e135dac8d043.dll [2015-12-15 144072]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2014-03-06 391152]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2014-03-06 771568]
"Persistence"=C:\windows\system32\igfxpers.exe [2014-03-06 770544]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26 13672152]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-02-19 2892616]
"RtsFT"=C:\windows\RTFTrack.exe [2014-01-21 6340312]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-12-21 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-12-21 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-12-21 10973168]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=C:\Users\Daniela\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [2014-10-11 6513480]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2014-03-31 4272840]
"BingSvc"=C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-12-09 144008]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-11-30 50509440]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2014-01-16 624640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-12-26 22:03:17 ----D---- C:\rsit
2015-12-26 22:03:17 ----D---- C:\Program Files\trend micro
2015-12-26 16:33:16 ----D---- C:\Users\Daniela\AppData\Roaming\LolClient
2015-12-26 14:38:09 ----D---- C:\ProgramData\Riot Games
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\XAudio2_2.dll
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\XAPOFX1_1.dll
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\d3dx10_39.dll
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\D3DCompiler_39.dll
2015-12-26 14:37:02 ----A---- C:\windows\SYSWOW64\D3DX9_39.dll
2015-12-26 14:36:37 ----D---- C:\Riot Games
2015-12-26 14:30:40 ----D---- C:\Users\Daniela\AppData\Roaming\Riot Games
2015-12-26 12:53:04 ----D---- C:\Program Files (x86)\trend micro
2015-12-26 12:26:36 ----A---- C:\windows\ntbtlog.txt
2015-12-26 11:50:55 ----N---- C:\windows\system32\MpSigStub.exe
2015-12-21 14:16:11 ----A---- C:\windows\system32\aspnet_counters.dll
2015-12-21 14:16:08 ----A---- C:\windows\SYSWOW64\aspnet_counters.dll
2015-12-15 23:33:20 ----D---- C:\Program Files (x86)\SimpleFiles
2015-12-15 23:15:08 ----D---- C:\Users\Daniela\AppData\Roaming\SimpleFiles
2015-12-15 23:14:31 ----D---- C:\ProgramData\Tmp0x0x
2015-12-15 23:14:31 ----D---- C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77
2015-12-15 23:14:29 ----D---- C:\Program Files (x86)\Discover Treasure
2015-12-10 18:19:34 ----D---- C:\Users\Daniela\AppData\Roaming\Maxthon3
2015-12-09 11:12:59 ----A---- C:\windows\system32\invagent.dll
2015-12-09 11:12:59 ----A---- C:\windows\system32\devinv.dll
2015-12-09 11:12:59 ----A---- C:\windows\system32\appraiser.dll
2015-12-09 11:12:58 ----A---- C:\windows\system32\generaltel.dll
2015-12-09 11:12:58 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-12-09 11:12:58 ----A---- C:\windows\system32\aeinv.dll
2015-12-09 11:12:58 ----A---- C:\windows\system32\acmigration.dll
2015-12-09 10:20:13 ----A---- C:\windows\system32\drivers\tdx.sys
2015-12-09 10:20:13 ----A---- C:\windows\system32\drivers\afd.sys
2015-12-09 10:20:10 ----A---- C:\windows\system32\schannel.dll
2015-12-09 10:20:09 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-12-09 10:20:09 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll
2015-12-09 10:20:09 ----A---- C:\windows\SYSWOW64\bcryptprimitives.dll
2015-12-09 10:20:09 ----A---- C:\windows\system32\ncryptsslp.dll
2015-12-09 10:20:09 ----A---- C:\windows\system32\ncrypt.dll
2015-12-09 10:20:09 ----A---- C:\windows\system32\bcryptprimitives.dll
2015-12-09 10:20:08 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-12-09 10:19:46 ----A---- C:\windows\system32\AuthHost.exe
2015-12-09 10:19:45 ----A---- C:\windows\SYSWOW64\untfs.dll
2015-12-09 10:19:44 ----A---- C:\windows\system32\untfs.dll
2015-12-09 10:19:43 ----A---- C:\windows\system32\drivers\tunnel.sys
2015-12-09 10:19:42 ----AC---- C:\windows\system32\drivers\tpm.sys
2015-12-09 10:19:41 ----A---- C:\windows\system32\drivers\rmcast.sys
2015-12-09 10:19:40 ----A---- C:\windows\SYSWOW64\gdi32.dll
2015-12-09 10:19:40 ----A---- C:\windows\system32\gdi32.dll
2015-12-09 10:18:20 ----A---- C:\windows\system32\mshtml.dll
2015-12-09 10:17:47 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-12-09 10:17:29 ----A---- C:\windows\system32\jscript9.dll
2015-12-09 10:17:28 ----A---- C:\windows\system32\ieframe.dll
2015-12-09 10:17:26 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-12-09 10:17:25 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-12-09 10:17:24 ----A---- C:\windows\system32\wininet.dll
2015-12-09 10:17:23 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-12-09 10:17:23 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-12-09 10:17:23 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-12-09 10:17:23 ----A---- C:\windows\system32\vbscript.dll
2015-12-09 10:17:23 ----A---- C:\windows\system32\ieui.dll
2015-12-09 10:17:22 ----A---- C:\windows\system32\urlmon.dll
2015-12-09 10:17:22 ----A---- C:\windows\system32\iertutil.dll
2015-12-09 10:17:21 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-12-09 10:17:21 ----A---- C:\windows\system32\jscript.dll
2015-12-09 10:17:20 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-12-09 10:17:20 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-12-09 10:17:20 ----A---- C:\windows\system32\msfeeds.dll
2015-12-09 10:17:19 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2015-12-09 10:17:17 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-12-09 10:17:17 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2015-12-09 10:17:17 ----A---- C:\windows\system32\inetcomm.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\webcheck.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\webcheck.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\mshtmled.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\iepeers.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\iedkcs32.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\ieapfltr.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\ie4uinit.exe
2015-12-09 10:17:16 ----A---- C:\windows\system32\dxtrans.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\actxprxy.dll
2015-12-09 10:17:15 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-12-09 10:17:15 ----A---- C:\windows\SYSWOW64\iepeers.dll
2015-12-09 10:16:52 ----A---- C:\windows\system32\Windows.Globalization.dll
2015-12-09 10:16:51 ----A---- C:\windows\SYSWOW64\Windows.Globalization.dll
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\kbdgeoqw.dll
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\KBDAZST.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\KBDAZEL.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\KBDAZE.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\GlobCollationHost.dll
2015-12-09 10:16:50 ----A---- C:\windows\system32\kbdgeoqw.dll
2015-12-09 10:16:50 ----A---- C:\windows\system32\KBDAZST.DLL
2015-12-09 10:16:50 ----A---- C:\windows\system32\KBDAZEL.DLL
2015-12-09 10:16:50 ----A---- C:\windows\system32\KBDAZE.DLL
2015-12-09 10:16:50 ----A---- C:\windows\system32\GlobCollationHost.dll
2015-12-09 10:12:57 ----A---- C:\windows\system32\lsasrv.dll
2015-12-09 10:12:56 ----A---- C:\windows\SYSWOW64\certcli.dll
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\cng.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\dpapisrv.dll
2015-12-09 10:12:56 ----A---- C:\windows\system32\certcli.dll
2015-12-09 10:11:27 ----A---- C:\windows\system32\winresume.exe
2015-12-09 10:11:27 ----A---- C:\windows\system32\winload.exe
2015-12-09 10:11:27 ----A---- C:\windows\system32\ntoskrnl.exe
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\comsvcs.dll
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\catsrvut.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\ntvdm64.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\ntdll.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\comsvcs.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\catsrvut.dll
2015-12-09 10:11:22 ----A---- C:\windows\system32\localspl.dll
2015-12-09 10:11:21 ----A---- C:\windows\SYSWOW64\puiobj.dll
2015-12-09 10:11:21 ----A---- C:\windows\system32\puiobj.dll
2015-12-09 10:10:49 ----A---- C:\windows\system32\win32k.sys
2015-12-09 10:10:48 ----A---- C:\windows\system32\user32.dll
2015-12-09 10:10:48 ----A---- C:\windows\system32\FntCache.dll
2015-12-09 10:10:48 ----A---- C:\windows\system32\DWrite.dll
2015-12-09 10:10:47 ----A---- C:\windows\SYSWOW64\DWrite.dll
2015-12-09 10:10:47 ----A---- C:\windows\system32\GdiPlus.dll
2015-12-09 10:10:46 ----A---- C:\windows\SYSWOW64\user32.dll
2015-12-09 10:10:46 ----A---- C:\windows\SYSWOW64\GdiPlus.dll
2015-12-09 10:10:41 ----A---- C:\windows\system32\fveapi.dll
2015-12-09 10:10:41 ----A---- C:\windows\system32\bdesvc.dll
2015-12-09 10:10:30 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-12-09 10:10:30 ----A---- C:\windows\system32\kerberos.dll
2015-12-09 10:10:20 ----A---- C:\windows\system32\msctf.dll
2015-12-09 10:10:19 ----A---- C:\windows\SYSWOW64\msctf.dll
2015-12-09 10:10:17 ----A---- C:\windows\SYSWOW64\authui.dll
2015-12-09 10:10:17 ----A---- C:\windows\system32\authui.dll
2015-12-09 10:10:14 ----A---- C:\windows\SYSWOW64\PCPKsp.dll
2015-12-09 10:10:13 ----A---- C:\windows\system32\PCPKsp.dll
2015-12-09 10:10:12 ----A---- C:\windows\system32\winlogon.exe
2015-12-09 10:10:12 ----A---- C:\windows\system32\wininit.exe
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\winusb.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbuhci.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbport.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbohci.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\USBHUB3.SYS
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbhub.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbehci.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbd.sys
2015-12-09 10:10:06 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-12-09 10:10:06 ----A---- C:\windows\system32\wuaueng.dll
2015-12-09 10:10:06 ----A---- C:\windows\system32\wuapi.dll
2015-12-09 10:10:05 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-12-09 10:10:05 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-12-09 10:10:05 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-12-09 10:10:05 ----A---- C:\windows\system32\wuwebv.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\WUSettingsProvider.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wups2.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wudriver.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wucltux.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wuauclt.exe
2015-12-09 10:10:05 ----A---- C:\windows\system32\wuapp.exe
2015-12-09 10:09:45 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2015-12-09 10:09:45 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2015-12-09 10:09:45 ----A---- C:\windows\system32\nshwfp.dll
2015-12-09 10:09:45 ----A---- C:\windows\system32\IKEEXT.DLL
2015-12-09 10:09:45 ----A---- C:\windows\system32\FWPUCLNT.DLL
2015-12-09 10:09:45 ----A---- C:\windows\system32\drivers\wfplwfs.sys
2015-12-09 10:09:45 ----A---- C:\windows\system32\BFE.DLL
======List of files/folders modified in the last 1 month======
2015-12-26 22:03:24 ----D---- C:\windows\Prefetch
2015-12-26 22:03:17 ----RD---- C:\Program Files
2015-12-26 22:00:35 ----D---- C:\windows\system32\sru
2015-12-26 18:31:51 ----D---- C:\windows\Temp
2015-12-26 18:31:02 ----SHD---- C:\windows\Installer
2015-12-26 15:32:55 ----D---- C:\windows\Inf
2015-12-26 14:38:09 ----HD---- C:\ProgramData
2015-12-26 14:37:03 ----D---- C:\windows\SysWOW64
2015-12-26 14:36:39 ----D---- C:\windows\Tasks
2015-12-26 14:35:02 ----D---- C:\windows\system32\config
2015-12-26 14:32:52 ----D---- C:\windows\WinSxS
2015-12-26 14:31:47 ----SHD---- C:\System Volume Information
2015-12-26 14:29:31 ----D---- C:\Users\Daniela\AppData\Roaming\Skype
2015-12-26 12:53:04 ----RD---- C:\Program Files (x86)
2015-12-26 12:43:20 ----D---- C:\ProgramData\LU
2015-12-26 12:38:17 ----RAD---- C:\windows\System32
2015-12-26 12:38:17 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-12-26 12:33:06 ----D---- C:\ProgramData\Validity
2015-12-26 12:26:36 ----AD---- C:\Windows
2015-12-26 11:46:56 ----D---- C:\ProgramData\McAfee
2015-12-26 11:46:56 ----D---- C:\Program Files\Common Files
2015-12-26 11:46:56 ----D---- C:\Program Files (x86)\Common Files
2015-12-26 11:44:13 ----D---- C:\windows\system32\drivers
2015-12-26 11:44:10 ----HD---- C:\windows\ELAMBKUP
2015-12-26 11:43:38 ----D---- C:\windows\system32\Tasks
2015-12-26 11:43:35 ----RSD---- C:\windows\assembly
2015-12-26 01:29:20 ----D---- C:\windows\rescache
2015-12-26 00:27:39 ----D---- C:\windows\Microsoft.NET
2015-12-24 03:03:32 ----D---- C:\windows\CbsTemp
2015-12-18 20:18:59 ----SD---- C:\windows\SYSWOW64\GWX
2015-12-18 20:18:59 ----SD---- C:\windows\system32\GWX
2015-12-16 12:14:58 ----D---- C:\windows\system32\GroupPolicy
2015-12-14 21:57:03 ----D---- C:\windows\system32\DriverStore
2015-12-14 21:49:46 ----D---- C:\windows\system32\catroot2
2015-12-12 22:22:58 ----SD---- C:\windows\system32\CompatTel
2015-12-12 22:22:58 ----D---- C:\windows\system32\appraiser
2015-12-12 22:22:58 ----D---- C:\windows\apppatch
2015-12-10 18:20:33 ----D---- C:\ProgramData\Skype
2015-12-09 22:57:47 ----D---- C:\windows\system32\Boot
2015-12-09 22:57:44 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-12-09 22:57:43 ----D---- C:\windows\SYSWOW64\en-US
2015-12-09 22:57:43 ----D---- C:\windows\system32\en-US
2015-12-09 22:57:43 ----D---- C:\windows\system32\cs-CZ
2015-12-09 22:57:42 ----D---- C:\Program Files\Internet Explorer
2015-12-09 22:57:42 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-09 22:57:41 ----RSD---- C:\windows\Fonts
2015-12-09 22:57:38 ----RD---- C:\windows\ToastData
2015-12-09 10:59:57 ----D---- C:\windows\AppReadiness
2015-12-09 10:59:56 ----HD---- C:\Program Files\WindowsApps
2015-12-09 10:50:25 ----D---- C:\windows\system32\MRT
2015-12-01 18:19:27 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 LubSec;LubSec; C:\windows\System32\Drivers\LubSec.sys [2014-02-22 45304]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 SMIDriver;SMIDriver; C:\windows\system32\drivers\smi.sys [2014-01-22 19760]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 ACPIVPC;@oem37.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-12-21 35576]
R3 athr;@oem13.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athwbx.sys [2013-12-12 3881472]
R3 BTATH_BUS;@oem29.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\windows\System32\drivers\btath_bus.sys [2013-12-24 34384]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2013-12-24 597192]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 ETD;@oem12.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-02-18 377608]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-01-16 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-05-26 3975128]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-01-16 450520]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 RSP2STOR;@oem10.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\windows\system32\DRIVERS\RtsP2Stor.sys [2013-09-24 290520]
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 rtsuvc;@oem19.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-01-21 9105624]
R3 TXEIx64;@oem4.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2013-07-02 87568]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys [2015-04-08 80160]
S2 LubFsFlt;LubFsFlt; \??\C:\windows\System32\Drivers\LubFsFlt.sys [2014-02-22 27384]
S3 AthBTPort;@oem32.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2013-12-24 89800]
S3 BTATH_A2DP;@oem31.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2013-12-24 338120]
S3 btath_avdt;@oem31.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2013-12-24 116424]
S3 BTATH_HCRP;@oem34.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\windows\System32\drivers\btath_hcrp.sys [2013-12-24 179432]
S3 BTATH_LWFLT;@oem36.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2013-12-24 77464]
S3 BTATH_RCP;@oem38.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\windows\System32\drivers\btath_rcp.sys [2013-12-24 137928]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-12-24 318592]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-09 99632]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-12-21 198192]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-12-09 1872808]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-12-21 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 Service Mgr DiscoverTreasure;Service Mgr DiscoverTreasure; C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugincontainer.exe [2015-12-26 779488]
R2 Update Mgr DiscoverTreasure;Update Mgr DiscoverTreasure; C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe [2015-12-26 632032]
R2 USBBKSvc;USBBKSvc; C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe [2013-12-25 35824]
R2 valWBFPolicyService;@oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service; C:\windows\System32\valWBFPolicyService.exe [2014-01-17 46992]
R2 valWbioSyncSvc;BiometricSensorDataSynchronization; C:\windows\system32\valWbioSyncSvc.exe [2014-01-17 32256]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-06 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22 107848]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-03-09 272440]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-12-21 305136]
-----------------EOF-----------------
Re: infected notebook
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will spit out a log (otherwise it will be here: C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).
Re: infected notebook
# AdwCleaner v5.026 - Logfile created 27/12/2015 at 10:09:58
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Windows 8.1 Connected (x64)
# Username : Daniela - KRAM
# Running from : C:\Users\Daniela\Desktop\adwcleaner_5.026.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : Service Mgr DiscoverTreasure
[-] Service Deleted : Update Mgr DiscoverTreasure
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\SimpleFiles
[-] Folder Deleted : C:\Program Files (x86)\Discover Treasure
[-] Folder Deleted : C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77
[-] Folder Deleted : C:\ProgramData\pokki
[-] Folder Deleted : C:\ProgramData\Tmp0x0x
[-] Folder Deleted : C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\SimpleFiles
[-] Folder Deleted : C:\Users\Daniela\AppData\Local\pokki
[-] Folder Deleted : C:\Users\Daniela\AppData\Roaming\SimpleFiles
***** [ Files ] *****
[-] File Deleted : C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.kingtopdeals.com_0.localstorage
[-] File Deleted : C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.kingtopdeals.com_0.localstorage-journal
[-] File Deleted : C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_my.parallaxsearch.com_0.localstorage
[-] File Deleted : C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_my.parallaxsearch.com_0.localstorage-journal
[-] File Deleted : C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage
[-] File Deleted : C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage-journal
[-] File Deleted : C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] File Deleted : C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.tradeadexchange.com_0.localstorage
[-] File Deleted : C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.tradeadexchange.com_0.localstorage-journal
[-] File Deleted : C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yoursearching.com_0.localstorage
[-] File Deleted : C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yoursearching.com_0.localstorage-journal
***** [ DLLs ] *****
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser\Maxthon Cloud Browser.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Daniela\Desktop\Lenovo věci\Maxthon Cloud Browser.lnk
[-] Shortcut Disinfected : C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Daniela\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut Disinfected : C:\Users\Daniela\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{bfa55139-82af-4663-a19b-e135dac8d043}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395DA725-A162-43FF-B885-27BD92F112E8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{04FEAF9C-DC32-41C7-95CA-790E93488E7D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bfa55139-82af-4663-a19b-e135dac8d043}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{bfa55139-82af-4663-a19b-e135dac8d043}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{bfa55139-82af-4663-a19b-e135dac8d043}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{395DA725-A162-43FF-B885-27BD92F112E8}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Pokki
[-] Key Deleted : HKCU\Software\SimpleFiles
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\SimpleFiles
[-] Key Deleted : HKLM\SOFTWARE\yoursearchingSoftware
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SimpleFiles
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\yoursearching uninstall
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Discover Treasure
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\esurf.biz
***** [ Web browsers ] *****
[-] [C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : yoursearching
[-] [C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.yoursearching.com/?type=hp&ts=14502 ... XZ4A3CCAHT
[-] [C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://www.yoursearching.com/webfavicon.ico
[-] [C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : hxxp://www.yoursearching.com/web/?type=ds&ts=1 ... earchTerms}
[-] [C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.yoursearching.com/?type=hp&ts=14502 ... XZ4A3CCAHT
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7288 bytes] ##########
Re: infected notebook
I am attaching the second log as well.
Thank you very much.
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 27. 12. 2015
Čas skenování: 10:22
Protokol: mbam.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2015.12.27.02
Databáze rootkitů: v2015.12.26.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Daniela
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 554894
Uplynulý čas: 3 hod, 2 min, 41 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 2
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\DiscoverTreasure, , [5faff5b50d7e65d1d0867841c63cc43c],
PUP.Optional.HoumPage.ShrtCln, HKU\S-1-5-21-480796221-827829538-3836116632-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CF34D395-9FF1-49A0-98A5-8DB1636431B1}, , [d737fab07f0c67cf11137d9707fd827e],
Hodnoty registru: 6
PUP.Optional.SimpleFiles, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{EBF45577-EB05-4ABE-87CD-6D4AEEF80C45}, v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe|Name=SimpleFiles|, , [e22c5a509eed1d19fa445bad52b21ee2]
PUP.Optional.SimpleFiles, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{EDFDF9CE-D676-4327-AA9B-4C7051BE7ED0}, v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe|Name=SimpleFiles|, , [ab63ccde35566cca66d860a89e66fb05]
PUP.Optional.SimpleFiles, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{C99F7D33-5BB6-4D0F-9A5E-CCDA86359FCE}, v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\SimpleFiles\downloader.exe|Name=SimpleFiles|, , [44ca2486d5b6e056ba8449bf867e03fd]
PUP.Optional.SimpleFiles, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{93F23802-9FF0-43FF-A46C-432BCBBDE985}, v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\SimpleFiles\downloader.exe|Name=SimpleFiles|, , [37d791197d0e68ce80bebd4b0103a858]
PUP.Optional.HoumPage.ShrtCln, HKU\S-1-5-21-480796221-827829538-3836116632-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{cf34d395-9ff1-49a0-98a5-8db1636431b1}|URL, http://houmpage.com/search/?src=ds&q={s ... 69f2b25b2e, , [d737fab07f0c67cf11137d9707fd827e]
Hijack.AutoConfigURL.ShrtCln, HKU\S-1-5-21-480796221-827829538-3836116632-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://unstopp.me/wpad.dat?233f6bf4b580 ... 4222627204, , [a26c02a8404b2b0ba32bc9488e76b848]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 2
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfickbdodbfehdhniodikjfgelbammja\1.0.5826.33606_0, , [16f83d6dbfcc4de92143209f8c7820e0],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfickbdodbfehdhniodikjfgelbammja, , [16f83d6dbfcc4de92143209f8c7820e0],
Soubory: 80
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe.vir, , [17f7efbb513a26103a36a5ae847d09f7],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Discover Treasure\Uninstaller.exe.vir, , [b05e4c5eff8c8ea86010eb6802ff3bc5],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Discover Treasure\Extensions\bfa55139-82af-4663-a19b-e135dac8d043.dll.vir, , [47c74a60e4a7a2940b6580d3f01110f0],
PUP.Optional.SimpleFiles, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SimpleFiles\downloader.exe.vir, , [709e406aafdcd165bd77436ef50f9070],
PUP.Optional.SimpleFiles, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SimpleFiles\SimpleFiles.exe.vir, , [4fbfa2082c5f1e1848ec0ea33dc7659b],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugincontainer.exe.vir, , [739bf7b385066dc9f779da79629ff907],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\10\Plugin.exe.vir, , [14fa7f2bd8b378bed29ebb98da2745bb],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\12\Plugin.exe.vir, , [57b7cae095f62e08b0c0b49f08f9718f],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\12\resources\plugin.dll.vir, , [709e9416adde55e1e58bbf941fe2dd23],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\2\Plugin.exe.vir, , [a866d2d863280c2ad799d08359a8e818],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\3\Plugin.exe.vir, , [828c9317672485b10967ef64b948e41c],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\5\Plugin.exe.vir, , [ff0f92185734ba7c304054ff758ca65a],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\Plugin.exe.vir, , [5fafc6e4d6b52b0bb5bbbd9636cb7888],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\resources\40.0.0.dll.vir, , [0a0400aad8b3d6603a3656fd36cb3ec2],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\resources\45.0.1.dll.vir, , [41cd5159147773c3b7b983d08879c33d],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\8\Plugin.exe.vir, , [808ee1c997f445f1323ea9aa936e7d83],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\SzXZhtzUv1.exe, , [030b5357aeddfa3c4c2413406d9441bf],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{6196E746-F9A0-4A9C-8C9D-9BEABA0D8F90}.dll, , [e02e9515fd8ebb7be38dc68d9e63c43c],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{D3A08866-FB5B-4611-B217-EFDAD50F8BA5}.dll, , [56b897138dfee4525e12b2a146bba858],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{FC039524-0529-42E6-AD80-0B40B5220E87}.dll, , [8b831991abe078be7ef28ac9df2252ae],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{022F2F72-12C6-474D-9477-D706BAFE6581}.dll, , [838b4a601d6efe388be5e370d42d5fa1],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{07783173-9C4B-43E8-992C-B308E698509B}.dll, , [a06e6f3b73185adc125ef16232cf4fb1],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{10CA6098-110D-451D-AB4E-3A196FE55C41}.dll, , [9d719614d3b8162019579fb4af52748c],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{20578B57-8C4B-4427-A66C-D64C4140D1EA}.dll, , [69a5327867249c9a601054ff9c65c33d],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{21685856-AE2B-44A8-B1F5-0AC6749137F5}.dll, , [26e82c7e95f60e28fe727ad98b767789],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{2BAE24D8-B4BE-46B6-9615-3FB5423C577A}.dll, , [6ca2ddcd2467ea4cf9778ac9af522ed2],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{8D92657F-243A-4B4F-A91B-DFBEC80E0693}.dll, , [a26c971377146acc7af6c78ce021ff01],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{9178C503-951D-4147-903A-39A2AA11A967}.dll, , [947ab1f903886fc72f413320ab5610f0],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{9A4DDBB7-85A4-4681-A8C1-B4BEF5878399}.dll, , [2ae48e1cbfcc300680f03320758c13ed],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{9FF79D6C-C370-4347-BBA6-44D30688B7D8}.dll, , [040a2c7e5f2cec4a373970e309f82ad6],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{A88743E9-EE6A-48EB-8EF6-F0EAEBF4F4A5}.dll, , [53bb2a8091fa1125acc47ed5fe030af6],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{AB6EEC71-9DBB-40DA-A6B5-D4AD2077D735}.dll, , [fa141595dcaf56e01b555ef59f6245bb],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{B733410A-B285-467A-835C-94D4D1E97829}.dll, , [25e9c5e5206b8bab561ad182748dbc44],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{C1EA5AD9-545F-4CD9-9E47-05DB64BF03ED}.dll, , [dd31dfcba0ebd85ed997e76c27dab848],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{C6C92040-71E7-47C1-BA08-345B58408797}.dll, , [19f574368dfe0531cfa19eb5ec15cd33],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{FC9745C6-F5EF-4CD9-A0C3-EC903AD6A53A}.dll, , [0c02cbdf0d7e0a2c442cf85ba061cf31],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{FD806D8E-6CAB-4A9E-86D1-A15C590478C8}.dll, , [27e7bded9deea98df8784112c938de22],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{FD9F948F-D082-43FA-9208-F587172C6805}.dll, , [28e6dcce840720165b152f24ce3333cd],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{381CA2A1-5F0F-42FB-8276-5CDE194788C4}.dll, , [9876b5f514771a1c115f9cb729d857a9],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{3CF879EF-978E-4604-95B4-EAA0A3E0DEA3}.dll, , [51bd88220784dc5a9cd4c3901ce539c7],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{3E37AAA5-9219-4AA1-837D-2B2465700591}.dll, , [a965f1b97714360071ff31222bd6ea16],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{4944881E-32CC-43E5-84EF-DF050DA2A51D}.dll, , [d43a4d5d29622b0b9dd3e66d52afc53b],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{4ED52A53-D5B7-4258-BBA0-49BE4EC61B4C}.dll, , [b45ab3f72269e452165a92c140c1af51],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{56AD78BF-0A22-4822-87FD-412D226955EB}.dll, , [0a044367b4d712245c14aca724dd1ee2],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{57564ECB-AE86-4F63-8E10-899B08304149}.dll, , [ce40beec9eed3006224ec68d3ac7b54b],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{58773E34-51C5-408D-A67D-41A761EF202B}.dll, , [3ed076348b008ea874fcf95a17ea59a7],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{5D61295A-F42B-41AD-8648-3DD2C8FA78D6}.dll, , [3fcf5c4e8209ce68561a8ac954ade917],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{5D6B4EA8-A5DF-4F5C-B98B-EBD81AA7C146}.dll, , [5ab44367c9c2a0963f3173e0e41dee12],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{64FA0BA4-6346-4B65-ABE9-71C126C4D89D}.dll, , [7e90466426651c1a4729cb888a7755ab],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{66A47D69-58E7-4098-84C5-4F9271FE6F7B}.dll, , [e727545625664de9541cec67669b28d8],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{6E0D777C-16E5-4926-B22F-883A121B8F42}.dll, , [95793d6d4b40c472135de96a02ff728e],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{734FBBA7-5D77-4F14-8CB9-0E8AA919D756}.dll, , [53bbf3b7fe8d51e50d63272c6f927987],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{7A3F01BE-A4FF-4A00-82D2-A4E5F11AB126}.dll, , [c7472a80f299ef473739fe55fd04aa56],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{84F72E5D-5C09-40B4-93B2-65892F7D4FE5}.dll, , [030b5d4d5536bb7b432d5df68a77bc44],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{85503ABE-C578-4E66-867A-3A314B45C4F7}.dll, , [dc3208a2d9b279bd7ef27ad909f8ec14],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{899D765E-81A6-43F7-860A-5D8D5C5AAE00}.dll, , [68a6fab072198aac551b0b4857aa3fc1],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{8B618902-AB12-427F-AEAD-7CCF349562A9}.dll, , [67a7b0fa8506ce681d53b69d966bec14],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{D695A9BC-E1C3-463D-8F85-6CD479A519BB}.dll, , [96780d9d513a62d45020df7411f03fc1],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{DDD5EA0B-B53A-4701-8FEF-08AE92D31CA4}.dll, , [c44a00aabbd003337df388cbce33d927],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{E082CE25-138B-4572-A11E-FB457A04DF77}.dll, , [0c025852b6d584b26a069fb4df2256aa],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{E1A37DAF-16C8-4ACC-A75B-A891980020E4}.dll, , [7c921c8ec0cb95a1a6ca5ef538c9f30d],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{E3909C04-8B78-4162-A5D1-38B39F496D8B}.dll, , [ae605357f299d462630d351e9f62f60a],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{E53F9072-6131-44FA-827E-434E169CE3E4}.dll, , [a16d1d8d5a31a98d2749272c41c01ce4],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{E577869D-AE53-4EE6-99DD-A474DB0C91C1}.dll, , [25e91d8dc4c75adcbdb3bb984db40af6],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{ECC6E33A-4710-437A-989A-19647207F86E}.dll, , [838b74367e0d95a13f3160f3c73aef11],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{F1C1776E-F2EC-4F89-A96C-56DC3EB1C290}.dll, , [c549406a404b171f90e0421138c91be5],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\{F700842E-2D78-4F29-B315-055A60E6A7C3}.dll, , [1df1a703543790a6db95a2b1cf320cf4],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage, , [c14d406aacdfbc7adb197f3655ad26da],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal, , [ec229f0bddae72c4dd1700b5d82ae917],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_discovertreasure-a.akamaihd.net_0.localstorage, , [0905b0fafa91e4523d178237da28f30d],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_discovertreasure-a.akamaihd.net_0.localstorage-journal, , [f01e7931701b57df0e4618a1e02201ff],
PUP.Optional.AdNetworkPerformance, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.adnetworkperformance.com_0.localstorage, , [8b838822c3c8fd39c1850c0600046b95],
PUP.Optional.AdNetworkPerformance, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.adnetworkperformance.com_0.localstorage-journal, , [43cb2f7b3a5101359fa77c96b74d52ae],
PUP.Optional.PriceMoon, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage, , [b15d00aafb9063d3f7946ca8e420817f],
PUP.Optional.PriceMoon, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage-journal, , [3cd28426b9d267cf89022ee627dd8f71],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfickbdodbfehdhniodikjfgelbammja\1.0.5826.33606_0\manifest.json, , [16f83d6dbfcc4de92143209f8c7820e0],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfickbdodbfehdhniodikjfgelbammja\1.0.5826.33606_0\background.js, , [16f83d6dbfcc4de92143209f8c7820e0],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfickbdodbfehdhniodikjfgelbammja\1.0.5826.33606_0\content.js, , [16f83d6dbfcc4de92143209f8c7820e0],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfickbdodbfehdhniodikjfgelbammja\1.0.5826.33606_0\icon.png, , [16f83d6dbfcc4de92143209f8c7820e0],
PUP.Optional.YourSearching.ShrtCln, C:\Users\Daniela\AppData\Local\Temp\HomePage.dat, , [05094961e0ab3df910fb00c064a0847c],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
moc dekuji
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 27. 12. 2015
Čas skenování: 10:22
Protokol: mbam.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2015.12.27.02
Databáze rootkitů: v2015.12.26.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Daniela
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 554894
Uplynulý čas: 3 hod, 2 min, 41 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 2
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\DiscoverTreasure, , [5faff5b50d7e65d1d0867841c63cc43c],
PUP.Optional.HoumPage.ShrtCln, HKU\S-1-5-21-480796221-827829538-3836116632-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CF34D395-9FF1-49A0-98A5-8DB1636431B1}, , [d737fab07f0c67cf11137d9707fd827e],
Hodnoty registru: 6
PUP.Optional.SimpleFiles, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{EBF45577-EB05-4ABE-87CD-6D4AEEF80C45}, v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe|Name=SimpleFiles|, , [e22c5a509eed1d19fa445bad52b21ee2]
PUP.Optional.SimpleFiles, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{EDFDF9CE-D676-4327-AA9B-4C7051BE7ED0}, v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe|Name=SimpleFiles|, , [ab63ccde35566cca66d860a89e66fb05]
PUP.Optional.SimpleFiles, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{C99F7D33-5BB6-4D0F-9A5E-CCDA86359FCE}, v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\SimpleFiles\downloader.exe|Name=SimpleFiles|, , [44ca2486d5b6e056ba8449bf867e03fd]
PUP.Optional.SimpleFiles, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{93F23802-9FF0-43FF-A46C-432BCBBDE985}, v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\SimpleFiles\downloader.exe|Name=SimpleFiles|, , [37d791197d0e68ce80bebd4b0103a858]
PUP.Optional.HoumPage.ShrtCln, HKU\S-1-5-21-480796221-827829538-3836116632-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{cf34d395-9ff1-49a0-98a5-8db1636431b1}|URL, http://houmpage.com/search/?src=ds&q={s ... 69f2b25b2e, , [d737fab07f0c67cf11137d9707fd827e]
Hijack.AutoConfigURL.ShrtCln, HKU\S-1-5-21-480796221-827829538-3836116632-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://unstopp.me/wpad.dat?233f6bf4b580 ... 4222627204, , [a26c02a8404b2b0ba32bc9488e76b848]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 2
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfickbdodbfehdhniodikjfgelbammja\1.0.5826.33606_0, , [16f83d6dbfcc4de92143209f8c7820e0],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfickbdodbfehdhniodikjfgelbammja, , [16f83d6dbfcc4de92143209f8c7820e0],
Soubory: 80
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe.vir, , [17f7efbb513a26103a36a5ae847d09f7],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Discover Treasure\Uninstaller.exe.vir, , [b05e4c5eff8c8ea86010eb6802ff3bc5],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Discover Treasure\Extensions\bfa55139-82af-4663-a19b-e135dac8d043.dll.vir, , [47c74a60e4a7a2940b6580d3f01110f0],
PUP.Optional.SimpleFiles, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SimpleFiles\downloader.exe.vir, , [709e406aafdcd165bd77436ef50f9070],
PUP.Optional.SimpleFiles, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SimpleFiles\SimpleFiles.exe.vir, , [4fbfa2082c5f1e1848ec0ea33dc7659b],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugincontainer.exe.vir, , [739bf7b385066dc9f779da79629ff907],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\10\Plugin.exe.vir, , [14fa7f2bd8b378bed29ebb98da2745bb],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\12\Plugin.exe.vir, , [57b7cae095f62e08b0c0b49f08f9718f],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\12\resources\plugin.dll.vir, , [709e9416adde55e1e58bbf941fe2dd23],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\2\Plugin.exe.vir, , [a866d2d863280c2ad799d08359a8e818],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\3\Plugin.exe.vir, , [828c9317672485b10967ef64b948e41c],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\5\Plugin.exe.vir, , [ff0f92185734ba7c304054ff758ca65a],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\Plugin.exe.vir, , [5fafc6e4d6b52b0bb5bbbd9636cb7888],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\resources\40.0.0.dll.vir, , [0a0400aad8b3d6603a3656fd36cb3ec2],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\resources\45.0.1.dll.vir, , [41cd5159147773c3b7b983d08879c33d],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\8\Plugin.exe.vir, , [808ee1c997f445f1323ea9aa936e7d83],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Temp\SzXZhtzUv1.exe, , [030b5357aeddfa3c4c2413406d9441bf],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage, , [c14d406aacdfbc7adb197f3655ad26da],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal, , [ec229f0bddae72c4dd1700b5d82ae917],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_discovertreasure-a.akamaihd.net_0.localstorage, , [0905b0fafa91e4523d178237da28f30d],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_discovertreasure-a.akamaihd.net_0.localstorage-journal, , [f01e7931701b57df0e4618a1e02201ff],
PUP.Optional.AdNetworkPerformance, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.adnetworkperformance.com_0.localstorage, , [8b838822c3c8fd39c1850c0600046b95],
PUP.Optional.AdNetworkPerformance, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.adnetworkperformance.com_0.localstorage-journal, , [43cb2f7b3a5101359fa77c96b74d52ae],
PUP.Optional.PriceMoon, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage, , [b15d00aafb9063d3f7946ca8e420817f],
PUP.Optional.PriceMoon, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage-journal, , [3cd28426b9d267cf89022ee627dd8f71],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfickbdodbfehdhniodikjfgelbammja\1.0.5826.33606_0\manifest.json, , [16f83d6dbfcc4de92143209f8c7820e0],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfickbdodbfehdhniodikjfgelbammja\1.0.5826.33606_0\background.js, , [16f83d6dbfcc4de92143209f8c7820e0],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfickbdodbfehdhniodikjfgelbammja\1.0.5826.33606_0\content.js, , [16f83d6dbfcc4de92143209f8c7820e0],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfickbdodbfehdhniodikjfgelbammja\1.0.5826.33606_0\icon.png, , [16f83d6dbfcc4de92143209f8c7820e0],
PUP.Optional.YourSearching.ShrtCln, C:\Users\Daniela\AppData\Local\Temp\HomePage.dat, , [05094961e0ab3df910fb00c064a0847c],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: infected laptop
Have all the findings removed. After the removal and a PC restart, repeat the MBAM scan so that we know whether it comes back. Post the scan result and I will choose the next step based on it.
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).
Re: infected laptop
Unfortunately the situation is still the same; lots of pop-up windows appear and various pages keep opening:
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Datum skenování: 27. 12. 2015
Čas skenování: 14:15
Protokol: mbam2.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2015.12.27.02
Databáze rootkitů: v2015.12.26.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Daniela
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 555070
Uplynulý čas: 3 hod, 3 min, 53 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 4
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_discovertreasure-a.akamaihd.net_0.localstorage, , [ae604c5eeaa144f242122f8a80829f61],
PUP.Optional.Yontoo, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_discovertreasure-a.akamaihd.net_0.localstorage-journal, , [14fa307a4f3c9f9703516c4d29d9ef11],
PUP.Optional.PriceMoon, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage, , [68a647634f3cd4626a21997b09fbdb25],
PUP.Optional.PriceMoon, C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage-journal, , [52bc6c3e9af1fa3c464552c23bc92ad6],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: infected laptop
vyosek wrote: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Save it, preferably to the desktop
- After launch the license terms are displayed; press any key
- A backup will be created and then the search will run
- The scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here
vyosek wrote: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
- If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator or "Spustit jako spravce"
- Paste the script below into the window
Code:
autoclean; autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;
- Then click Run Script
- The PC will perform the repair, restart, and give you a log; paste its contents here
Re: infected laptop
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 8.1 Connected x64
Ran by Daniela (Administrator) on Łt 29. 12. 2015 at 17:35:21,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 2
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1B273BF2-E379-4654-992F-87EBFDD3BC1E} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 29. 12. 2015 at 17:40:04,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: infected laptop
The situation is still the same:
Zoek.exe v5.0.0.1 Updated 27-December-2015
Tool run by Daniela on Łt 29. 12. 2015 at 17:42:58,95.
Microsoft Windows 8.1 s aplikací Bing 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Daniela\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
29. 12. 2015 17:43:47 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\Users\Daniela\AppData\Local\EmieSiteList deleted successfully
C:\Users\Daniela\AppData\Local\EmieUserList deleted successfully
C:\Users\Daniela\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\windows\SysNative\Tasks\OFFICE2013ACT deleted
C:\windows\sysWoW64\config\systemprofile\.android deleted
C:\Users\Public\Pokki deleted
C:\windows\SysNative\config\systemprofile\AppData\Roaming\ETDCoInstaller.log deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Daniela\Downloads\bsplayer269-1079.exe deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\Daniela\AppData\Roaming\LoJackSetup.exe deleted
==== Orphaned Tasks deleted from Registry ======================
Lenovo\StartLenovoMessenger deleted
OFFICE2013ACT deleted
==== Chromium Look ======================
Google Chrome Version: 46.0.2490.80
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[12. 10. 2015 09:31]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
fcfenmboojpjinhpgggodefccipikbpd - No path found[]
Skype - Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
==== Chromium Fix ======================
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_discovertreasure-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_discovertreasure-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.directrev.com_0.localstorage deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.directrev.com_0.localstorage-journal deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.ad4game.com_0.localstorage deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.ad4game.com_0.localstorage-journal deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage-journal deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adsproz1.com_0.localstorage deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adsproz1.com_0.localstorage-journal deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage-journal deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage deleted successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkID= ... 82DAC4A1AF"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkID= ... 82DAC4A1AF"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{1B273BF2-E379-4654-992F-87EBFDD3BC1E}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\SearchScopes\{1B273BF2-E379-4654-992F-87EBFDD3BC1E} - http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{1B273BF2-E379-4654-992F-87EBFDD3BC1E}"
HKLM\Wow6432Node\SearchScopes\{1B273BF2-E379-4654-992F-87EBFDD3BC1E} - http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?PC=WCUG&FORM ... earchTerms}
==== Reset Google Chrome ======================
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Daniela\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Daniela\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Daniela\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Daniela\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=5634 folders=120 286111205 bytes)
==== Empty Temp Folders ======================
C:\Users\Daniela\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Daniela\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on Łt 29. 12. 2015 at 18:18:31,60 ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Daniela\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Daniela\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Daniela\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Daniela\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=5634 folders=120 286111205 bytes)
==== Empty Temp Folders ======================
C:\Users\Daniela\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Daniela\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on út 29. 12. 2015 at 18:18:31,60 ======================
Re: virus-infected notebook
and in addition to that
If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).
Re: virus-infected notebook
It was doing it in IE and Chrome; now it only does it in Chrome:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Daniela at 2015-12-30 16:20:32
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 300 GB (69%) free of 435 GB
Total RAM: 3978 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:20:38, on 30. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Lenovo\Lenovo Messenger\NotificationsViewHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\Daniela.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 82DAC4A1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BingSvc] C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: USBBKSvc - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe
O23 - Service: @oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\windows\System32\valWBFPolicyService.exe (file missing)
O23 - Service: BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\windows\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 9888 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ecbbd21a-fe34-4803-a1b2-30f0d250bedc -SystemEventPortName:HostProcess-49d840f2-83d5-4279-89f4-20391d1b73ba -IoCancelEventPortName:HostProcess-85b83202-ffa8-485f-b9ca-d709ebeaffb7 -NonStateChangingEventPortName:HostProcess-47944458-83f1-485e-8791-010c42f41d21 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:019cb6ba-1c40-4b36-96e6-997d72bc804e -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-954a1a6f-5ce4-40ca-82d2-832ad067d110 -SystemEventPortName:HostProcess-a99dab83-dcf7-4696-a0f6-cb49d2d9c860 -IoCancelEventPortName:HostProcess-a10cb632-78a1-493d-a5a7-49993d94033f -NonStateChangingEventPortName:HostProcess-42739c54-5bba-4044-830b-88b3a63e9831 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:256d6dc7-6d79-4595-990a-700eb6b27895 -DeviceGroupId:WudfDefaultDevicePool
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
dashost.exe {3d02d9d6-05da-4522-99c28a03caa423d1}
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe"
C:\windows\System32\valWBFPolicyService.exe
C:\windows\system32\valWbioSyncSvc.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Elantech\ETDCtrl.exe"
"c:\Program Files\Validity Sensors\Shared\SensorDBSynch.exe"
\??\C:\windows\system32\conhost.exe 0x4
taskhostex.exe
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files\Windows Defender\MSASCui.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5084 --on-initialized-event-handle=440 --parent-handle=444
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="136.0.1230902834\462267496" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,51 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StableHQPFrequencyBugFix_PrePeriod_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="136.8.1261518919\434143297" --font-cache-shared-handle=5128 /prefetch:673131151
adb fork-server server
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="136.10.564842988\122405748" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --device-scale-factor=1 --font-cache-shared-handle=6228 --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Lenovo\Lenovo Messenger\NotificationsViewHost.exe" -taskbar
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StableHQPFrequencyBugFix_PrePeriod_2/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/*SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="136.13.1671742901\715093110" --font-cache-shared-handle=2096 /prefetch:673131151
service
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x140_0x11a4_0x54ecfe81"
"C:\totalcmd\TOTALCMD.EXE"
C:\windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Users\Daniela\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2014-03-06 391152]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2014-03-06 771568]
"Persistence"=C:\windows\system32\igfxpers.exe [2014-03-06 770544]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26 13672152]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-02-19 2892616]
"RtsFT"=C:\windows\RTFTrack.exe [2014-01-21 6340312]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-12-21 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-12-21 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-12-21 10973168]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2014-03-31 4272840]
"BingSvc"=C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-12-09 144008]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-11-30 50509440]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2014-01-16 624640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-12-29 18:29:22 ----A---- C:\windows\UC.PIF
2015-12-29 18:29:22 ----A---- C:\windows\RAR.PIF
2015-12-29 18:29:22 ----A---- C:\windows\PKZIP.PIF
2015-12-29 18:29:22 ----A---- C:\windows\PKUNZIP.PIF
2015-12-29 18:29:22 ----A---- C:\windows\LHA.PIF
2015-12-29 18:29:22 ----A---- C:\windows\ARJ.PIF
2015-12-29 18:29:21 ----D---- C:\Users\Daniela\AppData\Roaming\GHISLER
2015-12-29 18:29:21 ----D---- C:\totalcmd
2015-12-29 18:22:19 ----D---- C:\Users\Daniela\AppData\Roaming\Opera Software
2015-12-29 18:22:05 ----D---- C:\Program Files (x86)\Opera
2015-12-29 18:18:38 ----SHD---- C:\$RECYCLE.BIN
2015-12-29 18:10:08 ----A---- C:\windows\zoek-delete.exe
2015-12-29 18:10:06 ----D---- C:\windows\Temp
2015-12-29 17:42:37 ----D---- C:\zoek_backup
2015-12-27 10:19:22 ----D---- C:\ProgramData\Malwarebytes
2015-12-27 10:01:18 ----D---- C:\AdwCleaner
2015-12-26 22:03:17 ----D---- C:\rsit
2015-12-26 22:03:17 ----D---- C:\Program Files\trend micro
2015-12-26 16:33:16 ----D---- C:\Users\Daniela\AppData\Roaming\LolClient
2015-12-26 14:38:09 ----D---- C:\ProgramData\Riot Games
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\XAudio2_2.dll
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\XAPOFX1_1.dll
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\d3dx10_39.dll
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\D3DCompiler_39.dll
2015-12-26 14:37:02 ----A---- C:\windows\SYSWOW64\D3DX9_39.dll
2015-12-26 14:36:37 ----D---- C:\Riot Games
2015-12-26 14:30:40 ----D---- C:\Users\Daniela\AppData\Roaming\Riot Games
2015-12-26 12:53:04 ----D---- C:\Program Files (x86)\trend micro
2015-12-26 12:26:36 ----A---- C:\windows\ntbtlog.txt
2015-12-26 11:50:55 ----N---- C:\windows\system32\MpSigStub.exe
2015-12-21 14:16:11 ----A---- C:\windows\system32\aspnet_counters.dll
2015-12-21 14:16:08 ----A---- C:\windows\SYSWOW64\aspnet_counters.dll
2015-12-10 18:19:34 ----D---- C:\Users\Daniela\AppData\Roaming\Maxthon3
2015-12-09 11:12:59 ----A---- C:\windows\system32\invagent.dll
2015-12-09 11:12:59 ----A---- C:\windows\system32\devinv.dll
2015-12-09 11:12:59 ----A---- C:\windows\system32\appraiser.dll
2015-12-09 11:12:58 ----A---- C:\windows\system32\generaltel.dll
2015-12-09 11:12:58 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-12-09 11:12:58 ----A---- C:\windows\system32\aeinv.dll
2015-12-09 11:12:58 ----A---- C:\windows\system32\acmigration.dll
2015-12-09 10:20:13 ----A---- C:\windows\system32\drivers\tdx.sys
2015-12-09 10:20:13 ----A---- C:\windows\system32\drivers\afd.sys
2015-12-09 10:20:10 ----A---- C:\windows\system32\schannel.dll
2015-12-09 10:20:09 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-12-09 10:20:09 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll
2015-12-09 10:20:09 ----A---- C:\windows\SYSWOW64\bcryptprimitives.dll
2015-12-09 10:20:09 ----A---- C:\windows\system32\ncryptsslp.dll
2015-12-09 10:20:09 ----A---- C:\windows\system32\ncrypt.dll
2015-12-09 10:20:09 ----A---- C:\windows\system32\bcryptprimitives.dll
2015-12-09 10:20:08 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-12-09 10:19:46 ----A---- C:\windows\system32\AuthHost.exe
2015-12-09 10:19:45 ----A---- C:\windows\SYSWOW64\untfs.dll
2015-12-09 10:19:44 ----A---- C:\windows\system32\untfs.dll
2015-12-09 10:19:43 ----A---- C:\windows\system32\drivers\tunnel.sys
2015-12-09 10:19:42 ----AC---- C:\windows\system32\drivers\tpm.sys
2015-12-09 10:19:41 ----A---- C:\windows\system32\drivers\rmcast.sys
2015-12-09 10:19:40 ----A---- C:\windows\SYSWOW64\gdi32.dll
2015-12-09 10:19:40 ----A---- C:\windows\system32\gdi32.dll
2015-12-09 10:18:20 ----A---- C:\windows\system32\mshtml.dll
2015-12-09 10:17:47 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-12-09 10:17:29 ----A---- C:\windows\system32\jscript9.dll
2015-12-09 10:17:28 ----A---- C:\windows\system32\ieframe.dll
2015-12-09 10:17:26 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-12-09 10:17:25 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-12-09 10:17:24 ----A---- C:\windows\system32\wininet.dll
2015-12-09 10:17:23 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-12-09 10:17:23 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-12-09 10:17:23 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-12-09 10:17:23 ----A---- C:\windows\system32\vbscript.dll
2015-12-09 10:17:23 ----A---- C:\windows\system32\ieui.dll
2015-12-09 10:17:22 ----A---- C:\windows\system32\urlmon.dll
2015-12-09 10:17:22 ----A---- C:\windows\system32\iertutil.dll
2015-12-09 10:17:21 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-12-09 10:17:21 ----A---- C:\windows\system32\jscript.dll
2015-12-09 10:17:20 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-12-09 10:17:20 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-12-09 10:17:20 ----A---- C:\windows\system32\msfeeds.dll
2015-12-09 10:17:19 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2015-12-09 10:17:17 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-12-09 10:17:17 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2015-12-09 10:17:17 ----A---- C:\windows\system32\inetcomm.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\webcheck.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\webcheck.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\mshtmled.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\iepeers.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\iedkcs32.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\ieapfltr.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\ie4uinit.exe
2015-12-09 10:17:16 ----A---- C:\windows\system32\dxtrans.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\actxprxy.dll
2015-12-09 10:17:15 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-12-09 10:17:15 ----A---- C:\windows\SYSWOW64\iepeers.dll
2015-12-09 10:16:52 ----A---- C:\windows\system32\Windows.Globalization.dll
2015-12-09 10:16:51 ----A---- C:\windows\SYSWOW64\Windows.Globalization.dll
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\kbdgeoqw.dll
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\KBDAZST.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\KBDAZEL.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\KBDAZE.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\GlobCollationHost.dll
2015-12-09 10:16:50 ----A---- C:\windows\system32\kbdgeoqw.dll
2015-12-09 10:16:50 ----A---- C:\windows\system32\KBDAZST.DLL
2015-12-09 10:16:50 ----A---- C:\windows\system32\KBDAZEL.DLL
2015-12-09 10:16:50 ----A---- C:\windows\system32\KBDAZE.DLL
2015-12-09 10:16:50 ----A---- C:\windows\system32\GlobCollationHost.dll
2015-12-09 10:12:57 ----A---- C:\windows\system32\lsasrv.dll
2015-12-09 10:12:56 ----A---- C:\windows\SYSWOW64\certcli.dll
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\cng.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\dpapisrv.dll
2015-12-09 10:12:56 ----A---- C:\windows\system32\certcli.dll
2015-12-09 10:11:27 ----A---- C:\windows\system32\winresume.exe
2015-12-09 10:11:27 ----A---- C:\windows\system32\winload.exe
2015-12-09 10:11:27 ----A---- C:\windows\system32\ntoskrnl.exe
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\comsvcs.dll
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\catsrvut.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\ntvdm64.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\ntdll.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\comsvcs.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\catsrvut.dll
2015-12-09 10:11:22 ----A---- C:\windows\system32\localspl.dll
2015-12-09 10:11:21 ----A---- C:\windows\SYSWOW64\puiobj.dll
2015-12-09 10:11:21 ----A---- C:\windows\system32\puiobj.dll
2015-12-09 10:10:49 ----A---- C:\windows\system32\win32k.sys
2015-12-09 10:10:48 ----A---- C:\windows\system32\user32.dll
2015-12-09 10:10:48 ----A---- C:\windows\system32\FntCache.dll
2015-12-09 10:10:48 ----A---- C:\windows\system32\DWrite.dll
2015-12-09 10:10:47 ----A---- C:\windows\SYSWOW64\DWrite.dll
2015-12-09 10:10:47 ----A---- C:\windows\system32\GdiPlus.dll
2015-12-09 10:10:46 ----A---- C:\windows\SYSWOW64\user32.dll
2015-12-09 10:10:46 ----A---- C:\windows\SYSWOW64\GdiPlus.dll
2015-12-09 10:10:41 ----A---- C:\windows\system32\fveapi.dll
2015-12-09 10:10:41 ----A---- C:\windows\system32\bdesvc.dll
2015-12-09 10:10:30 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-12-09 10:10:30 ----A---- C:\windows\system32\kerberos.dll
2015-12-09 10:10:20 ----A---- C:\windows\system32\msctf.dll
2015-12-09 10:10:19 ----A---- C:\windows\SYSWOW64\msctf.dll
2015-12-09 10:10:17 ----A---- C:\windows\SYSWOW64\authui.dll
2015-12-09 10:10:17 ----A---- C:\windows\system32\authui.dll
2015-12-09 10:10:14 ----A---- C:\windows\SYSWOW64\PCPKsp.dll
2015-12-09 10:10:13 ----A---- C:\windows\system32\PCPKsp.dll
2015-12-09 10:10:12 ----A---- C:\windows\system32\winlogon.exe
2015-12-09 10:10:12 ----A---- C:\windows\system32\wininit.exe
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\winusb.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbuhci.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbport.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbohci.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\USBHUB3.SYS
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbhub.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbehci.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbd.sys
2015-12-09 10:10:06 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-12-09 10:10:06 ----A---- C:\windows\system32\wuaueng.dll
2015-12-09 10:10:06 ----A---- C:\windows\system32\wuapi.dll
2015-12-09 10:10:05 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-12-09 10:10:05 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-12-09 10:10:05 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-12-09 10:10:05 ----A---- C:\windows\system32\wuwebv.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\WUSettingsProvider.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wups2.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wudriver.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wucltux.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wuauclt.exe
2015-12-09 10:10:05 ----A---- C:\windows\system32\wuapp.exe
2015-12-09 10:09:45 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2015-12-09 10:09:45 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2015-12-09 10:09:45 ----A---- C:\windows\system32\nshwfp.dll
2015-12-09 10:09:45 ----A---- C:\windows\system32\IKEEXT.DLL
2015-12-09 10:09:45 ----A---- C:\windows\system32\FWPUCLNT.DLL
2015-12-09 10:09:45 ----A---- C:\windows\system32\drivers\wfplwfs.sys
2015-12-09 10:09:45 ----A---- C:\windows\system32\BFE.DLL
======List of files/folders modified in the last 1 month======
2015-12-30 16:09:04 ----HD---- C:\ProgramData
2015-12-30 16:06:37 ----D---- C:\windows\Prefetch
2015-12-30 16:05:56 ----D---- C:\ProgramData\LU
2015-12-30 16:04:20 ----D---- C:\windows\system32\config
2015-12-30 16:02:16 ----D---- C:\windows\CbsTemp
2015-12-30 16:02:03 ----D---- C:\windows\system32\sru
2015-12-30 15:57:39 ----D---- C:\Users\Daniela\AppData\Roaming\Skype
2015-12-30 15:55:34 ----D---- C:\ProgramData\Validity
2015-12-30 15:55:24 ----D---- C:\windows\SysWOW64
2015-12-30 15:51:52 ----D---- C:\windows\system32\catroot2
2015-12-29 18:54:24 ----D---- C:\windows\Microsoft.NET
2015-12-29 18:29:22 ----AD---- C:\Windows
2015-12-29 18:24:40 ----RD---- C:\Program Files (x86)
2015-12-29 18:24:40 ----D---- C:\windows\system32\drivers
2015-12-29 18:23:33 ----RAD---- C:\windows\System32
2015-12-29 18:23:32 ----D---- C:\windows\Inf
2015-12-29 18:23:32 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-12-29 18:23:31 ----D---- C:\windows\system32\Tasks
2015-12-29 18:05:34 ----D---- C:\windows\system32\GroupPolicy
2015-12-29 17:44:38 ----D---- C:\windows\system32\drivers\etc
2015-12-29 17:36:48 ----SHD---- C:\System Volume Information
2015-12-27 21:29:18 ----D---- C:\windows\DigitalLocker
2015-12-27 14:07:53 ----D---- C:\windows\schemas
2015-12-27 13:37:26 ----SHD---- C:\windows\Installer
2015-12-27 13:37:15 ----D---- C:\windows\WinSxS
2015-12-27 10:09:59 ----D---- C:\Program Files (x86)\Common Files
2015-12-26 22:03:17 ----RD---- C:\Program Files
2015-12-26 14:36:39 ----D---- C:\windows\Tasks
2015-12-26 11:46:56 ----D---- C:\ProgramData\McAfee
2015-12-26 11:46:56 ----D---- C:\Program Files\Common Files
2015-12-26 11:44:10 ----HD---- C:\windows\ELAMBKUP
2015-12-26 11:43:35 ----RSD---- C:\windows\assembly
2015-12-26 01:29:20 ----D---- C:\windows\rescache
2015-12-18 20:18:59 ----SD---- C:\windows\SYSWOW64\GWX
2015-12-18 20:18:59 ----SD---- C:\windows\system32\GWX
2015-12-14 21:57:03 ----D---- C:\windows\system32\DriverStore
2015-12-12 22:22:58 ----SD---- C:\windows\system32\CompatTel
2015-12-12 22:22:58 ----D---- C:\windows\system32\appraiser
2015-12-12 22:22:58 ----D---- C:\windows\apppatch
2015-12-10 18:20:33 ----D---- C:\ProgramData\Skype
2015-12-09 22:57:47 ----D---- C:\windows\system32\Boot
2015-12-09 22:57:44 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-12-09 22:57:43 ----D---- C:\windows\SYSWOW64\en-US
2015-12-09 22:57:43 ----D---- C:\windows\system32\en-US
2015-12-09 22:57:43 ----D---- C:\windows\system32\cs-CZ
2015-12-09 22:57:42 ----D---- C:\Program Files\Internet Explorer
2015-12-09 22:57:42 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-09 22:57:41 ----RSD---- C:\windows\Fonts
2015-12-09 22:57:38 ----RD---- C:\windows\ToastData
2015-12-09 10:59:57 ----D---- C:\windows\AppReadiness
2015-12-09 10:59:56 ----HD---- C:\Program Files\WindowsApps
2015-12-09 10:50:25 ----D---- C:\windows\system32\MRT
2015-12-01 18:19:27 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 LubSec;LubSec; C:\windows\System32\Drivers\LubSec.sys [2014-02-22 45304]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 SMIDriver;SMIDriver; C:\windows\system32\drivers\smi.sys [2014-01-22 19760]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 ACPIVPC;@oem37.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-12-21 35576]
R3 athr;@oem13.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athwbx.sys [2013-12-12 3881472]
R3 BTATH_BUS;@oem29.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\windows\System32\drivers\btath_bus.sys [2013-12-24 34384]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2013-12-24 597192]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 ETD;@oem12.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-02-18 377608]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-01-16 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-05-26 3975128]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-01-16 450520]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 RSP2STOR;@oem10.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\windows\system32\DRIVERS\RtsP2Stor.sys [2013-09-24 290520]
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 rtsuvc;@oem19.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-01-21 9105624]
R3 TXEIx64;@oem4.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2013-07-02 87568]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys [2015-04-08 80160]
S2 LubFsFlt;LubFsFlt; \??\C:\windows\System32\Drivers\LubFsFlt.sys [2014-02-22 27384]
S3 AthBTPort;@oem32.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2013-12-24 89800]
S3 BTATH_A2DP;@oem31.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2013-12-24 338120]
S3 btath_avdt;@oem31.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2013-12-24 116424]
S3 BTATH_HCRP;@oem34.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\windows\System32\drivers\btath_hcrp.sys [2013-12-24 179432]
S3 BTATH_LWFLT;@oem36.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2013-12-24 77464]
S3 BTATH_RCP;@oem38.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\windows\System32\drivers\btath_rcp.sys [2013-12-24 137928]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys []
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-12-24 318592]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-09 99632]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-12-21 198192]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-12-09 1872808]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-12-21 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 USBBKSvc;USBBKSvc; C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe [2013-12-25 35824]
R2 valWBFPolicyService;@oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service; C:\windows\System32\valWBFPolicyService.exe [2014-01-17 46992]
R2 valWbioSyncSvc;BiometricSensorDataSynchronization; C:\windows\system32\valWbioSyncSvc.exe [2014-01-17 32256]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-06 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22 107848]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-03-09 272440]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-12-21 305136]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Daniela at 2015-12-30 16:20:32
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 300 GB (69%) free of 435 GB
Total RAM: 3978 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:20:38, on 30. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Lenovo\Lenovo Messenger\NotificationsViewHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\Daniela.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 82DAC4A1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BingSvc] C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: USBBKSvc - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe
O23 - Service: @oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\windows\System32\valWBFPolicyService.exe (file missing)
O23 - Service: BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\windows\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 9888 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ecbbd21a-fe34-4803-a1b2-30f0d250bedc -SystemEventPortName:HostProcess-49d840f2-83d5-4279-89f4-20391d1b73ba -IoCancelEventPortName:HostProcess-85b83202-ffa8-485f-b9ca-d709ebeaffb7 -NonStateChangingEventPortName:HostProcess-47944458-83f1-485e-8791-010c42f41d21 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:019cb6ba-1c40-4b36-96e6-997d72bc804e -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-954a1a6f-5ce4-40ca-82d2-832ad067d110 -SystemEventPortName:HostProcess-a99dab83-dcf7-4696-a0f6-cb49d2d9c860 -IoCancelEventPortName:HostProcess-a10cb632-78a1-493d-a5a7-49993d94033f -NonStateChangingEventPortName:HostProcess-42739c54-5bba-4044-830b-88b3a63e9831 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:256d6dc7-6d79-4595-990a-700eb6b27895 -DeviceGroupId:WudfDefaultDevicePool
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
dashost.exe {3d02d9d6-05da-4522-99c28a03caa423d1}
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe"
C:\windows\System32\valWBFPolicyService.exe
C:\windows\system32\valWbioSyncSvc.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Elantech\ETDCtrl.exe"
"c:\Program Files\Validity Sensors\Shared\SensorDBSynch.exe"
\??\C:\windows\system32\conhost.exe 0x4
taskhostex.exe
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files\Windows Defender\MSASCui.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5084 --on-initialized-event-handle=440 --parent-handle=444
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="136.0.1230902834\462267496" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,51 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StableHQPFrequencyBugFix_PrePeriod_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="136.8.1261518919\434143297" --font-cache-shared-handle=5128 /prefetch:673131151
adb fork-server server
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="136.10.564842988\122405748" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --device-scale-factor=1 --font-cache-shared-handle=6228 --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Lenovo\Lenovo Messenger\NotificationsViewHost.exe" -taskbar
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StableHQPFrequencyBugFix_PrePeriod_2/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/*SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="136.13.1671742901\715093110" --font-cache-shared-handle=2096 /prefetch:673131151
service
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x140_0x11a4_0x54ecfe81"
"C:\totalcmd\TOTALCMD.EXE"
C:\windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Users\Daniela\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2014-03-06 391152]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2014-03-06 771568]
"Persistence"=C:\windows\system32\igfxpers.exe [2014-03-06 770544]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26 13672152]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-02-19 2892616]
"RtsFT"=C:\windows\RTFTrack.exe [2014-01-21 6340312]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-12-21 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-12-21 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-12-21 10973168]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2014-03-31 4272840]
"BingSvc"=C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-12-09 144008]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-11-30 50509440]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2014-01-16 624640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-12-29 18:29:22 ----A---- C:\windows\UC.PIF
2015-12-29 18:29:22 ----A---- C:\windows\RAR.PIF
2015-12-29 18:29:22 ----A---- C:\windows\PKZIP.PIF
2015-12-29 18:29:22 ----A---- C:\windows\PKUNZIP.PIF
2015-12-29 18:29:22 ----A---- C:\windows\LHA.PIF
2015-12-29 18:29:22 ----A---- C:\windows\ARJ.PIF
2015-12-29 18:29:21 ----D---- C:\Users\Daniela\AppData\Roaming\GHISLER
2015-12-29 18:29:21 ----D---- C:\totalcmd
2015-12-29 18:22:19 ----D---- C:\Users\Daniela\AppData\Roaming\Opera Software
2015-12-29 18:22:05 ----D---- C:\Program Files (x86)\Opera
2015-12-29 18:18:38 ----SHD---- C:\$RECYCLE.BIN
2015-12-29 18:10:08 ----A---- C:\windows\zoek-delete.exe
2015-12-29 18:10:06 ----D---- C:\windows\Temp
2015-12-29 17:42:37 ----D---- C:\zoek_backup
2015-12-27 10:19:22 ----D---- C:\ProgramData\Malwarebytes
2015-12-27 10:01:18 ----D---- C:\AdwCleaner
2015-12-26 22:03:17 ----D---- C:\rsit
2015-12-26 22:03:17 ----D---- C:\Program Files\trend micro
2015-12-26 16:33:16 ----D---- C:\Users\Daniela\AppData\Roaming\LolClient
2015-12-26 14:38:09 ----D---- C:\ProgramData\Riot Games
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\XAudio2_2.dll
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\XAPOFX1_1.dll
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\d3dx10_39.dll
2015-12-26 14:37:03 ----A---- C:\windows\SYSWOW64\D3DCompiler_39.dll
2015-12-26 14:37:02 ----A---- C:\windows\SYSWOW64\D3DX9_39.dll
2015-12-26 14:36:37 ----D---- C:\Riot Games
2015-12-26 14:30:40 ----D---- C:\Users\Daniela\AppData\Roaming\Riot Games
2015-12-26 12:53:04 ----D---- C:\Program Files (x86)\trend micro
2015-12-26 12:26:36 ----A---- C:\windows\ntbtlog.txt
2015-12-26 11:50:55 ----N---- C:\windows\system32\MpSigStub.exe
2015-12-21 14:16:11 ----A---- C:\windows\system32\aspnet_counters.dll
2015-12-21 14:16:08 ----A---- C:\windows\SYSWOW64\aspnet_counters.dll
2015-12-10 18:19:34 ----D---- C:\Users\Daniela\AppData\Roaming\Maxthon3
2015-12-09 11:12:59 ----A---- C:\windows\system32\invagent.dll
2015-12-09 11:12:59 ----A---- C:\windows\system32\devinv.dll
2015-12-09 11:12:59 ----A---- C:\windows\system32\appraiser.dll
2015-12-09 11:12:58 ----A---- C:\windows\system32\generaltel.dll
2015-12-09 11:12:58 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-12-09 11:12:58 ----A---- C:\windows\system32\aeinv.dll
2015-12-09 11:12:58 ----A---- C:\windows\system32\acmigration.dll
2015-12-09 10:20:13 ----A---- C:\windows\system32\drivers\tdx.sys
2015-12-09 10:20:13 ----A---- C:\windows\system32\drivers\afd.sys
2015-12-09 10:20:10 ----A---- C:\windows\system32\schannel.dll
2015-12-09 10:20:09 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-12-09 10:20:09 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll
2015-12-09 10:20:09 ----A---- C:\windows\SYSWOW64\bcryptprimitives.dll
2015-12-09 10:20:09 ----A---- C:\windows\system32\ncryptsslp.dll
2015-12-09 10:20:09 ----A---- C:\windows\system32\ncrypt.dll
2015-12-09 10:20:09 ----A---- C:\windows\system32\bcryptprimitives.dll
2015-12-09 10:20:08 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-12-09 10:19:46 ----A---- C:\windows\system32\AuthHost.exe
2015-12-09 10:19:45 ----A---- C:\windows\SYSWOW64\untfs.dll
2015-12-09 10:19:44 ----A---- C:\windows\system32\untfs.dll
2015-12-09 10:19:43 ----A---- C:\windows\system32\drivers\tunnel.sys
2015-12-09 10:19:42 ----AC---- C:\windows\system32\drivers\tpm.sys
2015-12-09 10:19:41 ----A---- C:\windows\system32\drivers\rmcast.sys
2015-12-09 10:19:40 ----A---- C:\windows\SYSWOW64\gdi32.dll
2015-12-09 10:19:40 ----A---- C:\windows\system32\gdi32.dll
2015-12-09 10:18:20 ----A---- C:\windows\system32\mshtml.dll
2015-12-09 10:17:47 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-12-09 10:17:29 ----A---- C:\windows\system32\jscript9.dll
2015-12-09 10:17:28 ----A---- C:\windows\system32\ieframe.dll
2015-12-09 10:17:26 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-12-09 10:17:25 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-12-09 10:17:24 ----A---- C:\windows\system32\wininet.dll
2015-12-09 10:17:23 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-12-09 10:17:23 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-12-09 10:17:23 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-12-09 10:17:23 ----A---- C:\windows\system32\vbscript.dll
2015-12-09 10:17:23 ----A---- C:\windows\system32\ieui.dll
2015-12-09 10:17:22 ----A---- C:\windows\system32\urlmon.dll
2015-12-09 10:17:22 ----A---- C:\windows\system32\iertutil.dll
2015-12-09 10:17:21 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-12-09 10:17:21 ----A---- C:\windows\system32\jscript.dll
2015-12-09 10:17:20 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-12-09 10:17:20 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-12-09 10:17:20 ----A---- C:\windows\system32\msfeeds.dll
2015-12-09 10:17:19 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2015-12-09 10:17:17 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-12-09 10:17:17 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2015-12-09 10:17:17 ----A---- C:\windows\system32\inetcomm.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\webcheck.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-12-09 10:17:16 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\webcheck.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\mshtmled.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\iepeers.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\iedkcs32.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\ieapfltr.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\ie4uinit.exe
2015-12-09 10:17:16 ----A---- C:\windows\system32\dxtrans.dll
2015-12-09 10:17:16 ----A---- C:\windows\system32\actxprxy.dll
2015-12-09 10:17:15 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-12-09 10:17:15 ----A---- C:\windows\SYSWOW64\iepeers.dll
2015-12-09 10:16:52 ----A---- C:\windows\system32\Windows.Globalization.dll
2015-12-09 10:16:51 ----A---- C:\windows\SYSWOW64\Windows.Globalization.dll
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\kbdgeoqw.dll
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\KBDAZST.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\KBDAZEL.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\KBDAZE.DLL
2015-12-09 10:16:50 ----A---- C:\windows\SYSWOW64\GlobCollationHost.dll
2015-12-09 10:16:50 ----A---- C:\windows\system32\kbdgeoqw.dll
2015-12-09 10:16:50 ----A---- C:\windows\system32\KBDAZST.DLL
2015-12-09 10:16:50 ----A---- C:\windows\system32\KBDAZEL.DLL
2015-12-09 10:16:50 ----A---- C:\windows\system32\KBDAZE.DLL
2015-12-09 10:16:50 ----A---- C:\windows\system32\GlobCollationHost.dll
2015-12-09 10:12:57 ----A---- C:\windows\system32\lsasrv.dll
2015-12-09 10:12:56 ----A---- C:\windows\SYSWOW64\certcli.dll
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\drivers\cng.sys
2015-12-09 10:12:56 ----A---- C:\windows\system32\dpapisrv.dll
2015-12-09 10:12:56 ----A---- C:\windows\system32\certcli.dll
2015-12-09 10:11:27 ----A---- C:\windows\system32\winresume.exe
2015-12-09 10:11:27 ----A---- C:\windows\system32\winload.exe
2015-12-09 10:11:27 ----A---- C:\windows\system32\ntoskrnl.exe
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\comsvcs.dll
2015-12-09 10:11:26 ----A---- C:\windows\SYSWOW64\catsrvut.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\ntvdm64.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\ntdll.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\comsvcs.dll
2015-12-09 10:11:26 ----A---- C:\windows\system32\catsrvut.dll
2015-12-09 10:11:22 ----A---- C:\windows\system32\localspl.dll
2015-12-09 10:11:21 ----A---- C:\windows\SYSWOW64\puiobj.dll
2015-12-09 10:11:21 ----A---- C:\windows\system32\puiobj.dll
2015-12-09 10:10:49 ----A---- C:\windows\system32\win32k.sys
2015-12-09 10:10:48 ----A---- C:\windows\system32\user32.dll
2015-12-09 10:10:48 ----A---- C:\windows\system32\FntCache.dll
2015-12-09 10:10:48 ----A---- C:\windows\system32\DWrite.dll
2015-12-09 10:10:47 ----A---- C:\windows\SYSWOW64\DWrite.dll
2015-12-09 10:10:47 ----A---- C:\windows\system32\GdiPlus.dll
2015-12-09 10:10:46 ----A---- C:\windows\SYSWOW64\user32.dll
2015-12-09 10:10:46 ----A---- C:\windows\SYSWOW64\GdiPlus.dll
2015-12-09 10:10:41 ----A---- C:\windows\system32\fveapi.dll
2015-12-09 10:10:41 ----A---- C:\windows\system32\bdesvc.dll
2015-12-09 10:10:30 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-12-09 10:10:30 ----A---- C:\windows\system32\kerberos.dll
2015-12-09 10:10:20 ----A---- C:\windows\system32\msctf.dll
2015-12-09 10:10:19 ----A---- C:\windows\SYSWOW64\msctf.dll
2015-12-09 10:10:17 ----A---- C:\windows\SYSWOW64\authui.dll
2015-12-09 10:10:17 ----A---- C:\windows\system32\authui.dll
2015-12-09 10:10:14 ----A---- C:\windows\SYSWOW64\PCPKsp.dll
2015-12-09 10:10:13 ----A---- C:\windows\system32\PCPKsp.dll
2015-12-09 10:10:12 ----A---- C:\windows\system32\winlogon.exe
2015-12-09 10:10:12 ----A---- C:\windows\system32\wininit.exe
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\winusb.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbuhci.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbport.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbohci.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\USBHUB3.SYS
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbhub.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbehci.sys
2015-12-09 10:10:10 ----AC---- C:\windows\system32\drivers\usbd.sys
2015-12-09 10:10:06 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-12-09 10:10:06 ----A---- C:\windows\system32\wuaueng.dll
2015-12-09 10:10:06 ----A---- C:\windows\system32\wuapi.dll
2015-12-09 10:10:05 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-12-09 10:10:05 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-12-09 10:10:05 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-12-09 10:10:05 ----A---- C:\windows\system32\wuwebv.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\WUSettingsProvider.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wups2.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wudriver.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wucltux.dll
2015-12-09 10:10:05 ----A---- C:\windows\system32\wuauclt.exe
2015-12-09 10:10:05 ----A---- C:\windows\system32\wuapp.exe
2015-12-09 10:09:45 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2015-12-09 10:09:45 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2015-12-09 10:09:45 ----A---- C:\windows\system32\nshwfp.dll
2015-12-09 10:09:45 ----A---- C:\windows\system32\IKEEXT.DLL
2015-12-09 10:09:45 ----A---- C:\windows\system32\FWPUCLNT.DLL
2015-12-09 10:09:45 ----A---- C:\windows\system32\drivers\wfplwfs.sys
2015-12-09 10:09:45 ----A---- C:\windows\system32\BFE.DLL
======List of files/folders modified in the last 1 month======
2015-12-30 16:09:04 ----HD---- C:\ProgramData
2015-12-30 16:06:37 ----D---- C:\windows\Prefetch
2015-12-30 16:05:56 ----D---- C:\ProgramData\LU
2015-12-30 16:04:20 ----D---- C:\windows\system32\config
2015-12-30 16:02:16 ----D---- C:\windows\CbsTemp
2015-12-30 16:02:03 ----D---- C:\windows\system32\sru
2015-12-30 15:57:39 ----D---- C:\Users\Daniela\AppData\Roaming\Skype
2015-12-30 15:55:34 ----D---- C:\ProgramData\Validity
2015-12-30 15:55:24 ----D---- C:\windows\SysWOW64
2015-12-30 15:51:52 ----D---- C:\windows\system32\catroot2
2015-12-29 18:54:24 ----D---- C:\windows\Microsoft.NET
2015-12-29 18:29:22 ----AD---- C:\Windows
2015-12-29 18:24:40 ----RD---- C:\Program Files (x86)
2015-12-29 18:24:40 ----D---- C:\windows\system32\drivers
2015-12-29 18:23:33 ----RAD---- C:\windows\System32
2015-12-29 18:23:32 ----D---- C:\windows\Inf
2015-12-29 18:23:32 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-12-29 18:23:31 ----D---- C:\windows\system32\Tasks
2015-12-29 18:05:34 ----D---- C:\windows\system32\GroupPolicy
2015-12-29 17:44:38 ----D---- C:\windows\system32\drivers\etc
2015-12-29 17:36:48 ----SHD---- C:\System Volume Information
2015-12-27 21:29:18 ----D---- C:\windows\DigitalLocker
2015-12-27 14:07:53 ----D---- C:\windows\schemas
2015-12-27 13:37:26 ----SHD---- C:\windows\Installer
2015-12-27 13:37:15 ----D---- C:\windows\WinSxS
2015-12-27 10:09:59 ----D---- C:\Program Files (x86)\Common Files
2015-12-26 22:03:17 ----RD---- C:\Program Files
2015-12-26 14:36:39 ----D---- C:\windows\Tasks
2015-12-26 11:46:56 ----D---- C:\ProgramData\McAfee
2015-12-26 11:46:56 ----D---- C:\Program Files\Common Files
2015-12-26 11:44:10 ----HD---- C:\windows\ELAMBKUP
2015-12-26 11:43:35 ----RSD---- C:\windows\assembly
2015-12-26 01:29:20 ----D---- C:\windows\rescache
2015-12-18 20:18:59 ----SD---- C:\windows\SYSWOW64\GWX
2015-12-18 20:18:59 ----SD---- C:\windows\system32\GWX
2015-12-14 21:57:03 ----D---- C:\windows\system32\DriverStore
2015-12-12 22:22:58 ----SD---- C:\windows\system32\CompatTel
2015-12-12 22:22:58 ----D---- C:\windows\system32\appraiser
2015-12-12 22:22:58 ----D---- C:\windows\apppatch
2015-12-10 18:20:33 ----D---- C:\ProgramData\Skype
2015-12-09 22:57:47 ----D---- C:\windows\system32\Boot
2015-12-09 22:57:44 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-12-09 22:57:43 ----D---- C:\windows\SYSWOW64\en-US
2015-12-09 22:57:43 ----D---- C:\windows\system32\en-US
2015-12-09 22:57:43 ----D---- C:\windows\system32\cs-CZ
2015-12-09 22:57:42 ----D---- C:\Program Files\Internet Explorer
2015-12-09 22:57:42 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-09 22:57:41 ----RSD---- C:\windows\Fonts
2015-12-09 22:57:38 ----RD---- C:\windows\ToastData
2015-12-09 10:59:57 ----D---- C:\windows\AppReadiness
2015-12-09 10:59:56 ----HD---- C:\Program Files\WindowsApps
2015-12-09 10:50:25 ----D---- C:\windows\system32\MRT
2015-12-01 18:19:27 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 LubSec;LubSec; C:\windows\System32\Drivers\LubSec.sys [2014-02-22 45304]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 SMIDriver;SMIDriver; C:\windows\system32\drivers\smi.sys [2014-01-22 19760]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 ACPIVPC;@oem37.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-12-21 35576]
R3 athr;@oem13.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athwbx.sys [2013-12-12 3881472]
R3 BTATH_BUS;@oem29.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\windows\System32\drivers\btath_bus.sys [2013-12-24 34384]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2013-12-24 597192]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 ETD;@oem12.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-02-18 377608]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-01-16 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-05-26 3975128]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-01-16 450520]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 RSP2STOR;@oem10.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\windows\system32\DRIVERS\RtsP2Stor.sys [2013-09-24 290520]
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 rtsuvc;@oem19.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-01-21 9105624]
R3 TXEIx64;@oem4.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2013-07-02 87568]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys [2015-04-08 80160]
S2 LubFsFlt;LubFsFlt; \??\C:\windows\System32\Drivers\LubFsFlt.sys [2014-02-22 27384]
S3 AthBTPort;@oem32.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2013-12-24 89800]
S3 BTATH_A2DP;@oem31.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2013-12-24 338120]
S3 btath_avdt;@oem31.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2013-12-24 116424]
S3 BTATH_HCRP;@oem34.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\windows\System32\drivers\btath_hcrp.sys [2013-12-24 179432]
S3 BTATH_LWFLT;@oem36.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2013-12-24 77464]
S3 BTATH_RCP;@oem38.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\windows\System32\drivers\btath_rcp.sys [2013-12-24 137928]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys []
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-12-24 318592]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-09 99632]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-12-21 198192]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-12-09 1872808]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-12-21 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 USBBKSvc;USBBKSvc; C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe [2013-12-25 35824]
R2 valWBFPolicyService;@oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service; C:\windows\System32\valWBFPolicyService.exe [2014-01-17 46992]
R2 valWbioSyncSvc;BiometricSensorDataSynchronization; C:\windows\system32\valWbioSyncSvc.exe [2014-01-17 32256]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-06 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22 107848]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-03-09 272440]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-12-21 305136]
-----------------EOF-----------------
Re: infected laptop
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-12-2015
Ran by Daniela (administrator) on KRAM (30-12-2015 16:29:42)
Running from C:\Users\Daniela\Desktop
Loaded Profiles: Daniela (Available Profiles: Daniela)
Platform: Windows 8.1 Connected (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
() C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files\Validity Sensors\Shared\SensorDBSynch.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(© 2015 Microsoft Corporation) C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\Lenovo\Lenovo Messenger\NotificationsViewHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\Daniela\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2892616 2014-02-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-12-21] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-12-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10973168 2014-12-21] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] (Qualcomm®Atheros®)
HKU\S-1-5-21-480796221-827829538-3836116632-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-480796221-827829538-3836116632-1001\...\Run: [BingSvc] => C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-12-09] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-480796221-827829538-3836116632-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50509440 2015-11-30] (Skype Technologies S.A.)
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-09-26] (Amazon Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE.dll [106304 2014-09-26] (Amazon Inc.)
ShellIconOverlayIdentifiers: [00USBBlockerShellDs] -> {BE57AC86-892D-436E-B763-71DA8FA49A48} => C:\Program Files (x86)\Lenovo\USB Blocker\USBBlockerShell.dll [2013-12-25] (Lenovo(beijing) Limited)
ShellIconOverlayIdentifiers: [00USBBlockerShellRd] -> {FFBCBB89-938E-4412-88AF-AE7A531F95C1} => C:\Program Files (x86)\Lenovo\USB Blocker\USBBlockerShell.dll [2013-12-25] (Lenovo(beijing) Limited)
ShellIconOverlayIdentifiers: [00USBBlockerShellRw] -> {42D4ABFA-0604-45F1-9A7C-622F85614BAB} => C:\Program Files (x86)\Lenovo\USB Blocker\USBBlockerShell.dll [2013-12-25] (Lenovo(beijing) Limited)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3758CBB0-747A-4EE6-81B4-32984402CE01}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-480796221-827829538-3836116632-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130956008088896509&GUID=F0579D19-EE83-49A0-A6A9-7F82DAC4A1AF
HKU\S-1-5-21-480796221-827829538-3836116632-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-480796221-827829538-3836116632-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-480796221-827829538-3836116632-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-480796221-827829538-3836116632-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-09] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-29]
CHR Extension: (Dokumenty Google) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-29]
CHR Extension: (Disk Google) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-29]
CHR Extension: (YouTube) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-29]
CHR Extension: (Tabulky Google) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-30]
CHR Extension: (Skype) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-29]
CHR Extension: (Gmail) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-29]
CHR HKU\S-1-5-21-480796221-827829538-3836116632-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows (R) Win 7 DDK provider) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-10-09] (ELAN Microelectronics Corp.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-12-21] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-09] (Maxthon)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-12-21] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-12-21] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 USBBKSvc; C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe [35824 2013-12-25] (Lenovo(beijing) Limited)
R2 valWBFPolicyService; C:\Windows\System32\valWBFPolicyService.exe [46992 2014-01-17] (Validity Sensors, Inc.)
R2 valWbioSyncSvc; C:\windows\system32\valWbioSyncSvc.exe [32256 2014-01-17] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-12-24] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2013-12-12] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S2 LubFsFlt; C:\windows\System32\Drivers\LubFsFlt.sys [27384 2014-02-22] (Lenovo(beijing) Limited)
R0 LubSec; C:\Windows\System32\Drivers\LubSec.sys [45304 2014-02-22] (Lenovo(beijing) Limited)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-04-08] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290520 2013-09-24] (Realtek Semiconductor Corp.)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
R1 SMIDriver; C:\Windows\System32\drivers\smi.sys [19760 2014-01-22] (Windows (R) Win 7 DDK provider)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-30 16:29 - 2015-12-30 16:30 - 00017907 _____ C:\Users\Daniela\Desktop\FRST.txt
2015-12-30 16:27 - 2015-12-30 16:29 - 00000000 ____D C:\FRST
2015-12-30 16:26 - 2015-12-30 16:26 - 00112640 _____ (forum.viry.cz) C:\Users\Daniela\Desktop\FRSTLauncher.exe
2015-12-30 16:24 - 2015-12-30 16:24 - 02370560 _____ (Farbar) C:\Users\Daniela\Desktop\FRST64.exe
2015-12-29 18:30 - 2015-12-29 18:30 - 00000000 ____D C:\Users\Daniela\AppData\Local\GHISLER
2015-12-29 18:29 - 2015-12-30 16:08 - 00000000 ____D C:\Users\Daniela\AppData\Roaming\GHISLER
2015-12-29 18:29 - 2015-12-29 18:29 - 00000651 _____ C:\Users\Public\Desktop\Total Commander.lnk
2015-12-29 18:29 - 2015-12-29 18:29 - 00000000 ____D C:\totalcmd
2015-12-29 18:29 - 2015-12-29 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-12-29 18:29 - 2014-04-23 08:51 - 00000545 _____ C:\windows\UC.PIF
2015-12-29 18:29 - 2014-04-23 08:51 - 00000545 _____ C:\windows\RAR.PIF
2015-12-29 18:29 - 2014-04-23 08:51 - 00000545 _____ C:\windows\PKZIP.PIF
2015-12-29 18:29 - 2014-04-23 08:51 - 00000545 _____ C:\windows\PKUNZIP.PIF
2015-12-29 18:29 - 2014-04-23 08:51 - 00000545 _____ C:\windows\LHA.PIF
2015-12-29 18:29 - 2014-04-23 08:51 - 00000545 _____ C:\windows\ARJ.PIF
2015-12-29 18:28 - 2015-12-29 18:28 - 03722264 _____ (Ghisler Software GmbH) C:\Users\Daniela\Downloads\tcm851x32.exe
2015-12-29 18:23 - 2015-12-29 18:23 - 00003832 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1451409725
2015-12-29 18:22 - 2015-12-29 18:27 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-29 18:22 - 2015-12-29 18:23 - 00001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-12-29 18:22 - 2015-12-29 18:22 - 00001152 _____ C:\Users\Public\Desktop\Opera.lnk
2015-12-29 18:22 - 2015-12-29 18:22 - 00000000 ____D C:\Users\Daniela\AppData\Roaming\Opera Software
2015-12-29 18:22 - 2015-12-29 18:22 - 00000000 ____D C:\Users\Daniela\AppData\Local\Opera Software
2015-12-29 18:21 - 2015-12-29 18:21 - 28043832 _____ (Opera Software ASA) C:\Users\Daniela\Downloads\Opera_21.0.1432.67_Seznam_Setup.exe
2015-12-29 18:20 - 2015-12-29 18:20 - 00000000 ____D C:\Users\Daniela\AppData\Local\VirtualStore
2015-12-29 18:10 - 2015-12-29 17:42 - 00024064 _____ C:\windows\zoek-delete.exe
2015-12-29 17:42 - 2015-12-29 18:17 - 00000000 ____D C:\zoek_backup
2015-12-29 17:40 - 2015-12-29 17:40 - 00000829 _____ C:\Users\Daniela\Desktop\JRT.txt
2015-12-29 17:37 - 2015-12-29 17:37 - 01309184 _____ C:\Users\Daniela\Desktop\zoek.exe
2015-12-29 17:36 - 2015-12-29 17:36 - 01309184 _____ C:\Users\Daniela\Downloads\zoek.exe
2015-12-29 17:34 - 2015-12-29 17:35 - 01599336 _____ (Malwarebytes) C:\Users\Daniela\Downloads\JRT.exe
2015-12-27 17:23 - 2015-12-27 17:23 - 00001877 _____ C:\Users\Daniela\Desktop\mbam2.txt
2015-12-27 13:27 - 2015-12-27 13:27 - 00015858 _____ C:\Users\Daniela\Desktop\mbam.txt
2015-12-27 10:19 - 2015-12-27 10:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-27 10:18 - 2015-12-27 10:18 - 22908888 _____ (Malwarebytes ) C:\Users\Daniela\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-27 10:01 - 2015-12-27 10:09 - 00000000 ____D C:\AdwCleaner
2015-12-27 09:59 - 2015-12-27 09:59 - 01743360 _____ C:\Users\Daniela\Desktop\adwcleaner_5.026.exe
2015-12-26 22:03 - 2015-12-30 16:20 - 00000000 ____D C:\Program Files\trend micro
2015-12-26 22:03 - 2015-12-26 22:03 - 01222144 _____ C:\Users\Daniela\Downloads\RSITx64.exe
2015-12-26 22:03 - 2015-12-26 22:03 - 00000000 ____D C:\rsit
2015-12-26 16:33 - 2015-12-26 16:33 - 00000000 ____D C:\Users\Daniela\AppData\Roaming\LolClient
2015-12-26 14:38 - 2015-12-26 14:38 - 00000000 ____D C:\ProgramData\Riot Games
2015-12-26 14:37 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_1.dll
2015-12-26 14:37 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_2.dll
2015-12-26 14:37 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_39.dll
2015-12-26 14:37 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_39.dll
2015-12-26 14:37 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_39.dll
2015-12-26 14:36 - 2015-12-26 14:36 - 00000000 ____D C:\Riot Games
2015-12-26 14:30 - 2015-12-26 14:37 - 00000000 ____D C:\Users\Daniela\AppData\Roaming\Riot Games
2015-12-26 12:53 - 2015-12-26 12:53 - 00000000 ____D C:\Program Files (x86)\trend micro
2015-12-26 12:52 - 2015-12-26 12:52 - 01107968 _____ C:\Users\Daniela\Downloads\RSIT.exe
2015-12-26 12:32 - 2015-12-26 12:32 - 06805328 _____ (Piriform Ltd) C:\Users\Daniela\Downloads\ccsetup513.exe
2015-12-26 12:26 - 2015-12-26 12:27 - 00106372 _____ C:\windows\ntbtlog.txt
2015-12-26 11:50 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-12-26 11:33 - 2015-12-26 11:33 - 05639940 _____ (Swearware) C:\Users\Daniela\Desktop\aaa.exe
2015-12-24 01:26 - 2015-12-24 02:27 - 625791250 _____ C:\Users\Daniela\Downloads\Super-drbna-06x05---MonstrĂłznĂ--ples-DVB-T-CZ.avi
2015-12-24 00:31 - 2015-12-24 01:24 - 619629482 _____ C:\Users\Daniela\Downloads\Super-drbna-06x04---Portrét-lady-Alexandry-DVB-T-CZ.avi
2015-12-23 23:51 - 2015-12-24 00:26 - 616038816 _____ C:\Users\Daniela\Downloads\Super-drbna-06x03---Prohnilé-skandály-DVB-T-CZ.avi
2015-12-23 23:09 - 2015-12-23 23:46 - 656748280 _____ C:\Users\Daniela\Downloads\Super-drbna-06x02.avi
2015-12-23 22:26 - 2015-12-23 23:01 - 633487358 _____ C:\Users\Daniela\Downloads\Super-drbna-06x01---Hledá-se-Serena.avi
2015-12-23 22:04 - 2015-12-23 22:25 - 363167590 _____ C:\Users\Daniela\Downloads\Super-drbna-02x07-Chuckova-pravá-tvář.avi
2015-12-23 21:28 - 2015-12-23 21:56 - 480779796 _____ C:\Users\Daniela\Downloads\Super-drbna-02x06-DVBTRIP-CZ.avi
2015-12-23 21:01 - 2015-12-23 21:23 - 367013888 _____ C:\Users\Daniela\Downloads\Super-drbna-02x05-DVBTRIP-CZ.avi
2015-12-23 20:37 - 2015-12-23 20:59 - 367022080 _____ C:\Users\Daniela\Downloads\Super-drbna-02x04-DVBTRIP-CZ.avi
2015-12-23 20:09 - 2015-12-23 20:36 - 480779844 _____ C:\Users\Daniela\Downloads\Super-drbna-02x03-DVBTRIP-CZ.avi
2015-12-23 19:31 - 2015-12-23 20:03 - 480807132 _____ C:\Users\Daniela\Downloads\Super-drbna-02x02-DVBTRIP-CZ.avi
2015-12-23 18:55 - 2015-12-23 19:23 - 480570284 _____ C:\Users\Daniela\Downloads\Super-drbna-02x01-DVBTRIP-CZ.avi
2015-12-23 16:29 - 2015-12-23 16:56 - 480912478 _____ C:\Users\Daniela\Downloads\Super-drbna-01x18-DVBTRIP-CZ.avi
2015-12-23 15:45 - 2015-12-23 16:12 - 480665204 _____ C:\Users\Daniela\Downloads\Super-drbna-01x17-DVBTRIP-CZ.avi
2015-12-23 14:15 - 2015-12-23 15:06 - 480501330 _____ C:\Users\Daniela\Downloads\Super-drbna-01x16-DVBTRIP-CZ.avi
2015-12-23 00:29 - 2015-12-23 00:56 - 479442408 _____ C:\Users\Daniela\Downloads\Super-drbna-01x15-DVBTRIP-CZ.avi
2015-12-23 00:14 - 2015-12-23 00:22 - 139374644 _____ C:\Users\Daniela\Downloads\Super-drbna-01x14-DVBTRIP-CZ_xvid.mp4
2015-12-22 23:21 - 2015-12-23 00:11 - 480654192 _____ C:\Users\Daniela\Downloads\Super-drbna-01x13-DVBTRIP-CZ.avi
2015-12-22 23:07 - 2015-12-22 23:15 - 146302138 _____ C:\Users\Daniela\Downloads\Super-drbna-01x12-DVBTRIP-CZ_xvid.mp4
2015-12-22 22:46 - 2015-12-22 22:54 - 147237544 _____ C:\Users\Daniela\Downloads\Super-drbna-01x11-DVDRIP-CZ_xvid.mp4
2015-12-22 22:23 - 2015-12-22 22:31 - 145477259 _____ C:\Users\Daniela\Downloads\Super-drbna-01x10-DVDRIP-CZ_xvid.mp4
2015-12-22 22:11 - 2015-12-22 22:19 - 144059227 _____ C:\Users\Daniela\Downloads\Super-drbna-01x09-DVDRIP-CZ_xvid.mp4
2015-12-22 21:59 - 2015-12-22 22:07 - 139665493 _____ C:\Users\Daniela\Downloads\Super-drbna-01x08-DVDRIP-CZ_xvid.mp4
2015-12-22 21:48 - 2015-12-22 21:56 - 145950486 _____ C:\Users\Daniela\Downloads\Super-drbna-01x07-DVDRIP-CZ_xvid.mp4
2015-12-22 21:34 - 2015-12-22 21:42 - 146361122 _____ C:\Users\Daniela\Downloads\Super-drbna-01x06-DVDRIP-CZ_xvid.mp4
2015-12-22 21:07 - 2015-12-22 21:15 - 137976465 _____ C:\Users\Daniela\Downloads\Super-drbna-01x05-DVDRIP-CZ_xvid.mp4
2015-12-22 20:51 - 2015-12-22 20:59 - 138147300 _____ C:\Users\Daniela\Downloads\Super-drbna-01x04-DVDRIP-CZ_xvid.mp4
2015-12-22 20:09 - 2015-12-22 20:19 - 173452451 _____ C:\Users\Daniela\Downloads\Super-drbna-01x03-DVDRIP-CZ_xvid.mp4
2015-12-22 20:08 - 2015-12-22 20:11 - 139157739 _____ C:\Users\Daniela\Downloads\Super-drbna-01x01.mp4
2015-12-22 20:08 - 2015-12-22 20:10 - 128673169 _____ C:\Users\Daniela\Downloads\Super-drbna-01x02_xvid.mp4
2015-12-22 00:26 - 2015-12-22 00:49 - 419178496 _____ C:\Users\Daniela\Downloads\Super-drbna-03x13-DVDRIP-CZ.avi
2015-12-22 00:00 - 2015-12-22 00:23 - 419215360 _____ C:\Users\Daniela\Downloads\Super-drbna-03x16-DVDRIP-CZ.avi
2015-12-21 23:30 - 2015-12-21 23:53 - 419254272 _____ C:\Users\Daniela\Downloads\Super-drbna-03x15-DVDRIP-CZ.avi
2015-12-21 23:04 - 2015-12-21 23:28 - 419203072 _____ C:\Users\Daniela\Downloads\Super-drbna-03x14-DVDRIP-CZ.avi
2015-12-21 15:34 - 2015-12-21 15:58 - 424677142 _____ C:\Users\Daniela\Downloads\Keeping.Up.with.the.Kardashians.S11E05.HDTV.x264-LTBS.mp4
2015-12-21 14:19 - 2015-12-21 14:46 - 493657668 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S11E04.All.Grown.Up.HDTV-MegaTV.mp4
2015-12-21 14:16 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2015-12-21 14:16 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2015-12-20 23:44 - 2015-12-21 00:08 - 426821153 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.the.Kardashians.S11E03.HDTV.x264-LTBS.mp4
2015-12-20 22:10 - 2015-12-20 22:28 - 319646076 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians-S10E17.mp4
2015-12-20 21:24 - 2015-12-20 21:44 - 335261927 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians-S10E16.mp4
2015-12-20 20:38 - 2015-12-20 20:59 - 361245935 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians-S10E15.mp4
2015-12-19 00:53 - 2015-12-19 01:13 - 356146924 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians-S10E14.mp4
2015-12-19 00:17 - 2015-12-19 00:32 - 267688028 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S10E10.HDTV.x264-CRiMSON.mp4
2015-12-18 23:33 - 2015-12-19 00:04 - 550800109 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S10E09.Lip.Service.HDTV-MegaTV.mp4
2015-12-18 20:41 - 2015-12-18 21:10 - 506771056 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S10E07.Special.Delivery.HDTV.x264-MegaTV.mp4
2015-12-18 19:20 - 2015-12-18 19:40 - 328437714 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S10E06.HDTV.x264-CRiMSON_watchseries-online.ch.mp4
2015-12-18 18:37 - 2015-12-18 19:04 - 482895082 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S10E03.The.Carfather.HDTV-MegaJoey_watchseries-online.ch.mp4
2015-12-18 18:03 - 2015-12-18 18:24 - 376972167 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S09E13.Move.It.Or.Lose.It.WEB-DL.x264-RKSTR.mp4
2015-12-18 16:13 - 2015-12-18 16:41 - 493328664 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S09E12.PLaying.Dirty.WEB-DL.x264-RKSTR.mp4
2015-12-18 15:52 - 2015-12-18 16:10 - 327085379 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S09E10.HDTV.x264-CRiMSON.mp4
2015-12-18 14:10 - 2015-12-18 14:30 - 359488685 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S09E09.HDTV.x264-CRiMSON (1).mp4
2015-12-18 13:38 - 2015-12-18 13:58 - 359488685 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S09E09.HDTV.x264-CRiMSON.mp4
2015-12-18 12:56 - 2015-12-18 13:15 - 350242893 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S09E08.HDTV.x264-CRiMSON.mp4
2015-12-18 12:27 - 2015-12-18 12:42 - 263689980 _____ C:\Users\Daniela\Downloads\Keeping-Up-with-the-Kardashians-S09E07-HDTV-x264-PEPSI.mp4
2015-12-18 11:54 - 2015-12-18 12:16 - 383717057 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S09E06.HDTV.x264-CRiMSON.mp4
2015-12-18 11:04 - 2015-12-29 18:18 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-12-17 21:22 - 2015-12-17 21:41 - 344537159 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S0901.HDTV.x264-CRiMSON.mp4
2015-12-17 17:11 - 2015-12-17 17:29 - 314227704 _____ C:\Users\Daniela\Downloads\Release-DDL.com_Keeping.Up.with.the.Kardashians.S07E15.HDTV.x264-CRiMSON.mp4
2015-12-17 16:03 - 2015-12-17 16:22 - 335342725 _____ C:\Users\Daniela\Downloads\Keeping.Up.with.the.Kardashians.S07E13---Mothers-and-daughters.mp4
2015-12-17 14:40 - 2015-12-17 15:09 - 505451725 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians---s07e11-Affairs-of-the-Everhart.m4v
2015-12-17 11:55 - 2015-12-17 12:13 - 329407623 _____ C:\Users\Daniela\Downloads\Keeping_Up_with_the_Kardashians_S07E08_Sometimes_You_Need_to_Adjust_HDTV_X264-CRiMSON.mp4
2015-12-16 22:47 - 2015-12-16 23:09 - 399599085 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians-s07e06---Dominican-republic.mp4
2015-12-16 20:13 - 2015-12-16 20:58 - 780070146 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians-s07e04.avi
2015-12-15 22:41 - 2015-12-15 23:11 - 533776760 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians-s06e14---Kim's-fairytale-wedding-Part-1.avi
2015-12-15 19:04 - 2015-12-15 19:14 - 182918320 _____ C:\Users\Daniela\Downloads\keeping.up.with.the.kardashians.s06e09.hdtv.xvid-crimson.avi
2015-12-15 13:30 - 2015-12-15 13:40 - 185292314 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S05E09.Kris.The.Cougar.Jenner.xvid.dsr.avi
2015-12-14 23:30 - 2015-12-14 23:41 - 184446020 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.DSR.S05E01.avi
2015-12-14 21:55 - 2015-12-14 22:15 - 366149632 _____ C:\Users\Daniela\Downloads\keeping.up.with.the.kardashians.s04e06.body.blows.hdtv.xvid-momentum.avi
2015-12-14 17:03 - 2015-12-14 17:13 - 183539712 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S03E05.DVDRip.XviD-aAF.avi
2015-12-14 13:21 - 2015-12-14 13:32 - 183128246 _____ C:\Users\Daniela\Downloads\Keeping.Up.with.the.Kardashians.S02E02.DSR.XviD-2SD.avi
2015-12-14 11:39 - 2015-12-14 12:03 - 425550700 _____ C:\Users\Daniela\Downloads\Keeping.Up.with.the.Kardashians.S10E04.No.Retreat.HDTVx264-LTBS.mp4
2015-12-13 23:20 - 2015-12-13 23:45 - 443811606 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S10E02.HDTV.XviD-AFG_watchseries-online.ch.avi
2015-12-13 22:18 - 2015-12-13 22:35 - 305318485 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S10E01.HDTV.x264-CRiMSON.mp4
2015-12-13 21:56 - 2015-12-13 22:00 - 180199424 _____ C:\Users\Daniela\Downloads\The-Big-Bang-Theory-S09E07-CZ-titulky.avi
2015-12-13 21:55 - 2015-12-13 21:59 - 176715602 _____ C:\Users\Daniela\Downloads\The-Big-Bang-Theory---S09E06---The-Helium-Insufficiency-CZ-tit.avi
2015-12-13 19:03 - 2015-12-13 19:30 - 364869632 _____ C:\Users\Daniela\Downloads\Upíří-deníky-(The-Vampire-diaries)-7x09-CZ-titulky.avi
2015-12-13 18:24 - 2015-12-13 18:45 - 364900352 _____ C:\Users\Daniela\Downloads\Upíří-deníky-(The-Vampire-diaries)-7x08-CZ-titulky.avi
2015-12-13 17:43 - 2015-12-13 18:06 - 366006272 _____ C:\Users\Daniela\Downloads\Upíří-deníky-(The-Vampire-diaries)-7x07-CZ-titulky.avi
2015-12-13 17:10 - 2015-12-13 17:32 - 366014464 _____ C:\Users\Daniela\Downloads\Upíří-deníky-(The-Vampire-diaries)-7x06-CZ-titulky.avi
2015-12-13 16:36 - 2015-12-13 16:57 - 364922880 _____ C:\Users\Daniela\Downloads\Upíří-deníky-7x05-CZ-titulky.avi
2015-12-13 15:54 - 2015-12-13 16:17 - 364939264 _____ C:\Users\Daniela\Downloads\Upíří-deníky-7x04-CZ-titulky.avi
2015-12-13 15:30 - 2015-12-13 15:51 - 364951552 _____ C:\Users\Daniela\Downloads\Upíří-deníky-(The-Vampire-diaries)-7x03-CZ-titulky.avi
2015-12-10 18:19 - 2015-12-10 18:19 - 00000000 ____D C:\Users\Daniela\AppData\Roaming\Maxthon3
2015-12-09 11:12 - 2015-09-19 04:18 - 00035384 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-12-09 11:12 - 2015-09-18 14:42 - 01290752 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-12-09 11:12 - 2015-09-18 14:42 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-12-09 11:12 - 2015-09-18 14:42 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-12-09 11:12 - 2015-09-18 14:42 - 00699904 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-12-09 11:12 - 2015-09-18 14:42 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-12-09 11:12 - 2015-09-18 14:42 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-12-09 10:20 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2015-12-09 10:20 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2015-12-09 10:20 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2015-12-09 10:20 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2015-12-09 10:20 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-12-09 10:20 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-12-09 10:20 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll
2015-12-09 10:20 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptsslp.dll
2015-12-09 10:20 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-12-09 10:20 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-12-09 10:19 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2015-12-09 10:19 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2015-12-09 10:19 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tunnel.sys
2015-12-09 10:19 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\windows\system32\AuthHost.exe
2015-12-09 10:19 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-12-09 10:19 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-12-09 10:19 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2015-12-09 10:19 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2015-12-09 10:18 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-12-09 10:17 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-12-09 10:17 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-12-09 10:17 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2015-12-09 10:17 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-12-09 10:17 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-12-09 10:17 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-12-09 10:17 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-12-09 10:17 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-12-09 10:17 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-12-09 10:17 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-12-09 10:17 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-12-09 10:17 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-12-09 10:17 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-12-09 10:17 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-12-09 10:17 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-12-09 10:17 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-12-09 10:17 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2015-12-09 10:17 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-12-09 10:17 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-12-09 10:17 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-12-09 10:17 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-12-09 10:17 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-12-09 10:17 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-12-09 10:17 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-12-09 10:17 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-12-09 10:17 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-12-09 10:17 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-12-09 10:17 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-12-09 10:17 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-12-09 10:17 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-12-09 10:17 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-12-09 10:17 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-12-09 10:17 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-12-09 10:17 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-12-09 10:17 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2015-12-09 10:17 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-12-09 10:17 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-12-09 10:17 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-12-09 10:16 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\kbdgeoqw.dll
2015-12-09 10:16 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZST.DLL
2015-12-09 10:16 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZEL.DLL
2015-12-09 10:16 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZE.DLL
2015-12-09 10:16 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdgeoqw.dll
2015-12-09 10:16 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZST.DLL
2015-12-09 10:16 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZEL.DLL
2015-12-09 10:16 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZE.DLL
2015-12-09 10:16 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2015-12-09 10:16 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2015-12-09 10:16 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2015-12-09 10:16 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\windows\SysWOW64\GlobCollationHost.dll
2015-12-09 10:16 - 2015-10-22 15:08 - 00513456 _____ C:\windows\SysWOW64\locale.nls
2015-12-09 10:16 - 2015-10-22 15:08 - 00513456 _____ C:\windows\system32\locale.nls
2015-12-09 10:12 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-12-09 10:12 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-12-09 10:12 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-12-09 10:12 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-12-09 10:12 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-12-09 10:12 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-12-09 10:12 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2015-12-09 10:12 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-12-09 10:11 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-12-09 10:11 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-12-09 10:11 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-12-09 10:11 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-12-09 10:11 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-12-09 10:11 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-12-09 10:11 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-12-09 10:11 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-12-09 10:11 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-12-09 10:11 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2015-12-09 10:11 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2015-12-09 10:11 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2015-12-09 10:11 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2015-12-09 10:11 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2015-12-09 10:11 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2015-12-09 10:11 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2015-12-09 10:10 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-12-09 10:10 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-12-09 10:10 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-12-09 10:10 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-12-09 10:10 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-12-09 10:10 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-12-09 10:10 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-12-09 10:10 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-12-09 10:10 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-12-09 10:10 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-12-09 10:10 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-12-09 10:10 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-12-09 10:10 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-12-09 10:10 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2015-12-09 10:10 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-12-09 10:10 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-12-09 10:10 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-12-09 10:10 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2015-12-09 10:10 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-12-09 10:10 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2015-12-09 10:10 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2015-12-09 10:10 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-12-09 10:10 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-12-09 10:10 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-12-09 10:10 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-12-09 10:10 - 2015-10-11 07:34 - 00468824 ____C (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2015-12-09 10:10 - 2015-10-11 07:34 - 00462168 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2015-12-09 10:10 - 2015-10-11 07:34 - 00443224 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2015-12-09 10:10 - 2015-10-11 07:34 - 00092504 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2015-12-09 10:10 - 2015-10-11 07:34 - 00027992 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2015-12-09 10:10 - 2015-10-10 19:41 - 00037376 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2015-12-09 10:10 - 2015-10-10 19:41 - 00030208 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2015-12-09 10:10 - 2015-10-10 19:40 - 00078848 ____C (Microsoft Corporation) C:\windows\system32\Drivers\winusb.sys
2015-12-09 10:10 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\windows\system32\PCPKsp.dll
2015-12-09 10:10 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\PCPKsp.dll
2015-12-09 10:10 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\wininit.exe
2015-12-09 10:10 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2015-12-09 10:10 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-12-09 10:10 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-12-09 10:10 - 2015-09-24 17:42 - 00348672 _____ (Microsoft Corporation) C:\windows\system32\bdesvc.dll
2015-12-09 10:10 - 2015-09-24 17:40 - 00737280 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2015-12-09 10:10 - 2015-09-12 14:47 - 00414559 _____ C:\windows\system32\ApnDatabase.xml
2015-12-09 10:09 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2015-12-09 10:09 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2015-12-09 10:09 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2015-12-09 10:09 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2015-12-09 10:09 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2015-12-09 10:09 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2015-12-09 10:09 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2015-12-09 09:53 - 2015-12-30 16:05 - 00001279 _____ C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-30 16:27 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-30 16:11 - 2015-05-22 19:50 - 00003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-480796221-827829538-3836116632-1001
2015-12-30 16:08 - 2014-12-21 11:02 - 00000000 ____D C:\windows\System32\Tasks\Lenovo
2015-12-30 16:05 - 2015-05-22 19:53 - 00000000 ____D C:\ProgramData\LU
2015-12-30 16:02 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2015-12-30 15:59 - 2015-05-22 20:11 - 00000970 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-30 15:59 - 2015-05-22 20:03 - 00003962 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{751B5098-7398-43ED-8176-BBA35A89382D}
2015-12-30 15:57 - 2015-07-27 20:18 - 00000000 ____D C:\Users\Daniela\AppData\Roaming\Skype
2015-12-30 15:56 - 2015-07-12 21:43 - 00000000 ____D C:\Users\Daniela\Tracing
2015-12-30 15:56 - 2015-05-22 20:11 - 00000966 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-30 15:56 - 2015-05-22 19:53 - 00000000 ____D C:\Users\Daniela\OneDrive
2015-12-30 15:55 - 2014-12-21 10:32 - 00000000 ____D C:\ProgramData\Validity
2015-12-30 15:55 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-12-30 15:54 - 2015-06-13 20:12 - 00000000 ____D C:\Users\Daniela\AppData\Local\CrashDumps
2015-12-29 18:23 - 2014-12-21 10:53 - 00739924 _____ C:\windows\system32\perfh005.dat
2015-12-29 18:23 - 2014-12-21 10:53 - 00151610 _____ C:\windows\system32\perfc005.dat
2015-12-29 18:23 - 2014-03-18 10:53 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2015-12-29 18:23 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2015-12-29 18:05 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\GroupPolicy
2015-12-27 21:29 - 2013-08-22 16:43 - 00000000 ____D C:\windows\DigitalLocker
2015-12-27 14:07 - 2015-05-23 11:24 - 00000000 ___RD C:\Users\Daniela\Desktop\Lenovo věci
2015-12-27 14:07 - 2013-08-22 16:36 - 00000000 ____D C:\windows\schemas
2015-12-27 10:10 - 2015-05-22 20:17 - 00001317 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-27 10:10 - 2015-05-22 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-27 10:10 - 2015-05-22 19:44 - 00000996 _____ C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-27 10:10 - 2014-12-21 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2015-12-26 16:34 - 2015-10-03 18:52 - 00000000 ____D C:\Users\Daniela\Desktop\škola
2015-12-26 11:46 - 2014-12-21 11:07 - 00000000 ____D C:\ProgramData\McAfee
2015-12-26 11:45 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\BBI
2015-12-26 11:44 - 2013-08-22 16:36 - 00000000 ___HD C:\windows\ELAMBKUP
2015-12-26 11:44 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\ELAM
2015-12-26 11:43 - 2015-06-28 16:08 - 00000000 ____D C:\windows\System32\Tasks\McAfee
2015-12-26 01:29 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
2015-12-18 20:18 - 2015-06-13 23:26 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-12-18 20:18 - 2015-06-13 23:26 - 00000000 ___SD C:\windows\system32\GWX
2015-12-12 22:30 - 2015-07-12 21:37 - 00003092 _____ C:\windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-480796221-827829538-3836116632-1001
2015-12-12 22:22 - 2015-07-09 08:30 - 00000000 ____D C:\windows\system32\appraiser
2015-12-12 22:22 - 2015-05-23 13:52 - 00000000 ___SD C:\windows\system32\CompatTel
2015-12-10 18:20 - 2015-07-27 20:16 - 00000000 ____D C:\ProgramData\Skype
2015-12-10 18:16 - 2013-08-22 15:44 - 00371304 _____ C:\windows\system32\FNTCACHE.DAT
2015-12-09 22:57 - 2013-08-22 16:36 - 00000000 ___RD C:\windows\ToastData
2015-12-09 10:59 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-09 10:59 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2015-12-09 10:50 - 2015-05-23 11:31 - 00000000 ____D C:\windows\system32\MRT
2015-12-09 09:53 - 2015-05-22 20:11 - 00003942 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-09 09:53 - 2015-05-22 20:11 - 00003706 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-01 18:19 - 2015-05-23 14:02 - 00826872 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-12-01 18:19 - 2015-05-23 14:02 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2015-05-22 19:52 - 2015-05-31 14:04 - 0006053 _____ () C:\Users\Daniela\AppData\Roaming\AbsoluteReminder.xml
2014-12-21 10:24 - 2014-12-21 10:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Daniela\Desktop" je 16350 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Daniela (administrator) on KRAM (30-12-2015 16:29:42)
Running from C:\Users\Daniela\Desktop
Loaded Profiles: Daniela (Available Profiles: Daniela)
Platform: Windows 8.1 Connected (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
() C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files\Validity Sensors\Shared\SensorDBSynch.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(© 2015 Microsoft Corporation) C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\Lenovo\Lenovo Messenger\NotificationsViewHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\Daniela\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2892616 2014-02-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-12-21] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-12-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10973168 2014-12-21] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] (Qualcomm®Atheros®)
HKU\S-1-5-21-480796221-827829538-3836116632-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-480796221-827829538-3836116632-1001\...\Run: [BingSvc] => C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-12-09] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-480796221-827829538-3836116632-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50509440 2015-11-30] (Skype Technologies S.A.)
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-09-26] (Amazon Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE.dll [106304 2014-09-26] (Amazon Inc.)
ShellIconOverlayIdentifiers: [00USBBlockerShellDs] -> {BE57AC86-892D-436E-B763-71DA8FA49A48} => C:\Program Files (x86)\Lenovo\USB Blocker\USBBlockerShell.dll [2013-12-25] (Lenovo(beijing) Limited)
ShellIconOverlayIdentifiers: [00USBBlockerShellRd] -> {FFBCBB89-938E-4412-88AF-AE7A531F95C1} => C:\Program Files (x86)\Lenovo\USB Blocker\USBBlockerShell.dll [2013-12-25] (Lenovo(beijing) Limited)
ShellIconOverlayIdentifiers: [00USBBlockerShellRw] -> {42D4ABFA-0604-45F1-9A7C-622F85614BAB} => C:\Program Files (x86)\Lenovo\USB Blocker\USBBlockerShell.dll [2013-12-25] (Lenovo(beijing) Limited)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3758CBB0-747A-4EE6-81B4-32984402CE01}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-480796221-827829538-3836116632-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130956008088896509&GUID=F0579D19-EE83-49A0-A6A9-7F82DAC4A1AF
HKU\S-1-5-21-480796221-827829538-3836116632-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-480796221-827829538-3836116632-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-480796221-827829538-3836116632-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-480796221-827829538-3836116632-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-09] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-29]
CHR Extension: (Dokumenty Google) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-29]
CHR Extension: (Disk Google) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-29]
CHR Extension: (YouTube) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-29]
CHR Extension: (Tabulky Google) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-30]
CHR Extension: (Skype) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-29]
CHR Extension: (Gmail) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-29]
CHR HKU\S-1-5-21-480796221-827829538-3836116632-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows (R) Win 7 DDK provider) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-10-09] (ELAN Microelectronics Corp.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-12-21] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-09] (Maxthon)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-12-21] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-12-21] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 USBBKSvc; C:\Program Files (x86)\Lenovo\USB Blocker\USBBKSvc.exe [35824 2013-12-25] (Lenovo(beijing) Limited)
R2 valWBFPolicyService; C:\Windows\System32\valWBFPolicyService.exe [46992 2014-01-17] (Validity Sensors, Inc.)
R2 valWbioSyncSvc; C:\windows\system32\valWbioSyncSvc.exe [32256 2014-01-17] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-12-24] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2013-12-12] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S2 LubFsFlt; C:\windows\System32\Drivers\LubFsFlt.sys [27384 2014-02-22] (Lenovo(beijing) Limited)
R0 LubSec; C:\Windows\System32\Drivers\LubSec.sys [45304 2014-02-22] (Lenovo(beijing) Limited)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-04-08] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290520 2013-09-24] (Realtek Semiconductor Corp.)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
R1 SMIDriver; C:\Windows\System32\drivers\smi.sys [19760 2014-01-22] (Windows (R) Win 7 DDK provider)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-30 16:29 - 2015-12-30 16:30 - 00017907 _____ C:\Users\Daniela\Desktop\FRST.txt
2015-12-30 16:27 - 2015-12-30 16:29 - 00000000 ____D C:\FRST
2015-12-30 16:26 - 2015-12-30 16:26 - 00112640 _____ (forum.viry.cz) C:\Users\Daniela\Desktop\FRSTLauncher.exe
2015-12-30 16:24 - 2015-12-30 16:24 - 02370560 _____ (Farbar) C:\Users\Daniela\Desktop\FRST64.exe
2015-12-29 18:30 - 2015-12-29 18:30 - 00000000 ____D C:\Users\Daniela\AppData\Local\GHISLER
2015-12-29 18:29 - 2015-12-30 16:08 - 00000000 ____D C:\Users\Daniela\AppData\Roaming\GHISLER
2015-12-29 18:29 - 2015-12-29 18:29 - 00000651 _____ C:\Users\Public\Desktop\Total Commander.lnk
2015-12-29 18:29 - 2015-12-29 18:29 - 00000000 ____D C:\totalcmd
2015-12-29 18:29 - 2015-12-29 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-12-29 18:29 - 2014-04-23 08:51 - 00000545 _____ C:\windows\UC.PIF
2015-12-29 18:29 - 2014-04-23 08:51 - 00000545 _____ C:\windows\RAR.PIF
2015-12-29 18:29 - 2014-04-23 08:51 - 00000545 _____ C:\windows\PKZIP.PIF
2015-12-29 18:29 - 2014-04-23 08:51 - 00000545 _____ C:\windows\PKUNZIP.PIF
2015-12-29 18:29 - 2014-04-23 08:51 - 00000545 _____ C:\windows\LHA.PIF
2015-12-29 18:29 - 2014-04-23 08:51 - 00000545 _____ C:\windows\ARJ.PIF
2015-12-29 18:28 - 2015-12-29 18:28 - 03722264 _____ (Ghisler Software GmbH) C:\Users\Daniela\Downloads\tcm851x32.exe
2015-12-29 18:23 - 2015-12-29 18:23 - 00003832 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1451409725
2015-12-29 18:22 - 2015-12-29 18:27 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-29 18:22 - 2015-12-29 18:23 - 00001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-12-29 18:22 - 2015-12-29 18:22 - 00001152 _____ C:\Users\Public\Desktop\Opera.lnk
2015-12-29 18:22 - 2015-12-29 18:22 - 00000000 ____D C:\Users\Daniela\AppData\Roaming\Opera Software
2015-12-29 18:22 - 2015-12-29 18:22 - 00000000 ____D C:\Users\Daniela\AppData\Local\Opera Software
2015-12-29 18:21 - 2015-12-29 18:21 - 28043832 _____ (Opera Software ASA) C:\Users\Daniela\Downloads\Opera_21.0.1432.67_Seznam_Setup.exe
2015-12-29 18:20 - 2015-12-29 18:20 - 00000000 ____D C:\Users\Daniela\AppData\Local\VirtualStore
2015-12-29 18:10 - 2015-12-29 17:42 - 00024064 _____ C:\windows\zoek-delete.exe
2015-12-29 17:42 - 2015-12-29 18:17 - 00000000 ____D C:\zoek_backup
2015-12-29 17:40 - 2015-12-29 17:40 - 00000829 _____ C:\Users\Daniela\Desktop\JRT.txt
2015-12-29 17:37 - 2015-12-29 17:37 - 01309184 _____ C:\Users\Daniela\Desktop\zoek.exe
2015-12-29 17:36 - 2015-12-29 17:36 - 01309184 _____ C:\Users\Daniela\Downloads\zoek.exe
2015-12-29 17:34 - 2015-12-29 17:35 - 01599336 _____ (Malwarebytes) C:\Users\Daniela\Downloads\JRT.exe
2015-12-27 17:23 - 2015-12-27 17:23 - 00001877 _____ C:\Users\Daniela\Desktop\mbam2.txt
2015-12-27 13:27 - 2015-12-27 13:27 - 00015858 _____ C:\Users\Daniela\Desktop\mbam.txt
2015-12-27 10:19 - 2015-12-27 10:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-27 10:18 - 2015-12-27 10:18 - 22908888 _____ (Malwarebytes ) C:\Users\Daniela\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-27 10:01 - 2015-12-27 10:09 - 00000000 ____D C:\AdwCleaner
2015-12-27 09:59 - 2015-12-27 09:59 - 01743360 _____ C:\Users\Daniela\Desktop\adwcleaner_5.026.exe
2015-12-26 22:03 - 2015-12-30 16:20 - 00000000 ____D C:\Program Files\trend micro
2015-12-26 22:03 - 2015-12-26 22:03 - 01222144 _____ C:\Users\Daniela\Downloads\RSITx64.exe
2015-12-26 22:03 - 2015-12-26 22:03 - 00000000 ____D C:\rsit
2015-12-26 16:33 - 2015-12-26 16:33 - 00000000 ____D C:\Users\Daniela\AppData\Roaming\LolClient
2015-12-26 14:38 - 2015-12-26 14:38 - 00000000 ____D C:\ProgramData\Riot Games
2015-12-26 14:37 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_1.dll
2015-12-26 14:37 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_2.dll
2015-12-26 14:37 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_39.dll
2015-12-26 14:37 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_39.dll
2015-12-26 14:37 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_39.dll
2015-12-26 14:36 - 2015-12-26 14:36 - 00000000 ____D C:\Riot Games
2015-12-26 14:30 - 2015-12-26 14:37 - 00000000 ____D C:\Users\Daniela\AppData\Roaming\Riot Games
2015-12-26 12:53 - 2015-12-26 12:53 - 00000000 ____D C:\Program Files (x86)\trend micro
2015-12-26 12:52 - 2015-12-26 12:52 - 01107968 _____ C:\Users\Daniela\Downloads\RSIT.exe
2015-12-26 12:32 - 2015-12-26 12:32 - 06805328 _____ (Piriform Ltd) C:\Users\Daniela\Downloads\ccsetup513.exe
2015-12-26 12:26 - 2015-12-26 12:27 - 00106372 _____ C:\windows\ntbtlog.txt
2015-12-26 11:50 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-12-26 11:33 - 2015-12-26 11:33 - 05639940 _____ (Swearware) C:\Users\Daniela\Desktop\aaa.exe
2015-12-24 01:26 - 2015-12-24 02:27 - 625791250 _____ C:\Users\Daniela\Downloads\Super-drbna-06x05---MonstrĂłznĂ--ples-DVB-T-CZ.avi
2015-12-24 00:31 - 2015-12-24 01:24 - 619629482 _____ C:\Users\Daniela\Downloads\Super-drbna-06x04---Portrét-lady-Alexandry-DVB-T-CZ.avi
2015-12-23 23:51 - 2015-12-24 00:26 - 616038816 _____ C:\Users\Daniela\Downloads\Super-drbna-06x03---Prohnilé-skandály-DVB-T-CZ.avi
2015-12-23 23:09 - 2015-12-23 23:46 - 656748280 _____ C:\Users\Daniela\Downloads\Super-drbna-06x02.avi
2015-12-23 22:26 - 2015-12-23 23:01 - 633487358 _____ C:\Users\Daniela\Downloads\Super-drbna-06x01---Hledá-se-Serena.avi
2015-12-23 22:04 - 2015-12-23 22:25 - 363167590 _____ C:\Users\Daniela\Downloads\Super-drbna-02x07-Chuckova-pravá-tvář.avi
2015-12-23 21:28 - 2015-12-23 21:56 - 480779796 _____ C:\Users\Daniela\Downloads\Super-drbna-02x06-DVBTRIP-CZ.avi
2015-12-23 21:01 - 2015-12-23 21:23 - 367013888 _____ C:\Users\Daniela\Downloads\Super-drbna-02x05-DVBTRIP-CZ.avi
2015-12-23 20:37 - 2015-12-23 20:59 - 367022080 _____ C:\Users\Daniela\Downloads\Super-drbna-02x04-DVBTRIP-CZ.avi
2015-12-23 20:09 - 2015-12-23 20:36 - 480779844 _____ C:\Users\Daniela\Downloads\Super-drbna-02x03-DVBTRIP-CZ.avi
2015-12-23 19:31 - 2015-12-23 20:03 - 480807132 _____ C:\Users\Daniela\Downloads\Super-drbna-02x02-DVBTRIP-CZ.avi
2015-12-23 18:55 - 2015-12-23 19:23 - 480570284 _____ C:\Users\Daniela\Downloads\Super-drbna-02x01-DVBTRIP-CZ.avi
2015-12-23 16:29 - 2015-12-23 16:56 - 480912478 _____ C:\Users\Daniela\Downloads\Super-drbna-01x18-DVBTRIP-CZ.avi
2015-12-23 15:45 - 2015-12-23 16:12 - 480665204 _____ C:\Users\Daniela\Downloads\Super-drbna-01x17-DVBTRIP-CZ.avi
2015-12-23 14:15 - 2015-12-23 15:06 - 480501330 _____ C:\Users\Daniela\Downloads\Super-drbna-01x16-DVBTRIP-CZ.avi
2015-12-23 00:29 - 2015-12-23 00:56 - 479442408 _____ C:\Users\Daniela\Downloads\Super-drbna-01x15-DVBTRIP-CZ.avi
2015-12-23 00:14 - 2015-12-23 00:22 - 139374644 _____ C:\Users\Daniela\Downloads\Super-drbna-01x14-DVBTRIP-CZ_xvid.mp4
2015-12-22 23:21 - 2015-12-23 00:11 - 480654192 _____ C:\Users\Daniela\Downloads\Super-drbna-01x13-DVBTRIP-CZ.avi
2015-12-22 23:07 - 2015-12-22 23:15 - 146302138 _____ C:\Users\Daniela\Downloads\Super-drbna-01x12-DVBTRIP-CZ_xvid.mp4
2015-12-22 22:46 - 2015-12-22 22:54 - 147237544 _____ C:\Users\Daniela\Downloads\Super-drbna-01x11-DVDRIP-CZ_xvid.mp4
2015-12-22 22:23 - 2015-12-22 22:31 - 145477259 _____ C:\Users\Daniela\Downloads\Super-drbna-01x10-DVDRIP-CZ_xvid.mp4
2015-12-22 22:11 - 2015-12-22 22:19 - 144059227 _____ C:\Users\Daniela\Downloads\Super-drbna-01x09-DVDRIP-CZ_xvid.mp4
2015-12-22 21:59 - 2015-12-22 22:07 - 139665493 _____ C:\Users\Daniela\Downloads\Super-drbna-01x08-DVDRIP-CZ_xvid.mp4
2015-12-22 21:48 - 2015-12-22 21:56 - 145950486 _____ C:\Users\Daniela\Downloads\Super-drbna-01x07-DVDRIP-CZ_xvid.mp4
2015-12-22 21:34 - 2015-12-22 21:42 - 146361122 _____ C:\Users\Daniela\Downloads\Super-drbna-01x06-DVDRIP-CZ_xvid.mp4
2015-12-22 21:07 - 2015-12-22 21:15 - 137976465 _____ C:\Users\Daniela\Downloads\Super-drbna-01x05-DVDRIP-CZ_xvid.mp4
2015-12-22 20:51 - 2015-12-22 20:59 - 138147300 _____ C:\Users\Daniela\Downloads\Super-drbna-01x04-DVDRIP-CZ_xvid.mp4
2015-12-22 20:09 - 2015-12-22 20:19 - 173452451 _____ C:\Users\Daniela\Downloads\Super-drbna-01x03-DVDRIP-CZ_xvid.mp4
2015-12-22 20:08 - 2015-12-22 20:11 - 139157739 _____ C:\Users\Daniela\Downloads\Super-drbna-01x01.mp4
2015-12-22 20:08 - 2015-12-22 20:10 - 128673169 _____ C:\Users\Daniela\Downloads\Super-drbna-01x02_xvid.mp4
2015-12-22 00:26 - 2015-12-22 00:49 - 419178496 _____ C:\Users\Daniela\Downloads\Super-drbna-03x13-DVDRIP-CZ.avi
2015-12-22 00:00 - 2015-12-22 00:23 - 419215360 _____ C:\Users\Daniela\Downloads\Super-drbna-03x16-DVDRIP-CZ.avi
2015-12-21 23:30 - 2015-12-21 23:53 - 419254272 _____ C:\Users\Daniela\Downloads\Super-drbna-03x15-DVDRIP-CZ.avi
2015-12-21 23:04 - 2015-12-21 23:28 - 419203072 _____ C:\Users\Daniela\Downloads\Super-drbna-03x14-DVDRIP-CZ.avi
2015-12-21 15:34 - 2015-12-21 15:58 - 424677142 _____ C:\Users\Daniela\Downloads\Keeping.Up.with.the.Kardashians.S11E05.HDTV.x264-LTBS.mp4
2015-12-21 14:19 - 2015-12-21 14:46 - 493657668 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S11E04.All.Grown.Up.HDTV-MegaTV.mp4
2015-12-21 14:16 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2015-12-21 14:16 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2015-12-20 23:44 - 2015-12-21 00:08 - 426821153 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.the.Kardashians.S11E03.HDTV.x264-LTBS.mp4
2015-12-20 22:10 - 2015-12-20 22:28 - 319646076 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians-S10E17.mp4
2015-12-20 21:24 - 2015-12-20 21:44 - 335261927 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians-S10E16.mp4
2015-12-20 20:38 - 2015-12-20 20:59 - 361245935 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians-S10E15.mp4
2015-12-19 00:53 - 2015-12-19 01:13 - 356146924 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians-S10E14.mp4
2015-12-19 00:17 - 2015-12-19 00:32 - 267688028 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S10E10.HDTV.x264-CRiMSON.mp4
2015-12-18 23:33 - 2015-12-19 00:04 - 550800109 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S10E09.Lip.Service.HDTV-MegaTV.mp4
2015-12-18 20:41 - 2015-12-18 21:10 - 506771056 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S10E07.Special.Delivery.HDTV.x264-MegaTV.mp4
2015-12-18 19:20 - 2015-12-18 19:40 - 328437714 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S10E06.HDTV.x264-CRiMSON_watchseries-online.ch.mp4
2015-12-18 18:37 - 2015-12-18 19:04 - 482895082 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S10E03.The.Carfather.HDTV-MegaJoey_watchseries-online.ch.mp4
2015-12-18 18:03 - 2015-12-18 18:24 - 376972167 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S09E13.Move.It.Or.Lose.It.WEB-DL.x264-RKSTR.mp4
2015-12-18 16:13 - 2015-12-18 16:41 - 493328664 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S09E12.PLaying.Dirty.WEB-DL.x264-RKSTR.mp4
2015-12-18 15:52 - 2015-12-18 16:10 - 327085379 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S09E10.HDTV.x264-CRiMSON.mp4
2015-12-18 14:10 - 2015-12-18 14:30 - 359488685 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S09E09.HDTV.x264-CRiMSON (1).mp4
2015-12-18 13:38 - 2015-12-18 13:58 - 359488685 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S09E09.HDTV.x264-CRiMSON.mp4
2015-12-18 12:56 - 2015-12-18 13:15 - 350242893 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S09E08.HDTV.x264-CRiMSON.mp4
2015-12-18 12:27 - 2015-12-18 12:42 - 263689980 _____ C:\Users\Daniela\Downloads\Keeping-Up-with-the-Kardashians-S09E07-HDTV-x264-PEPSI.mp4
2015-12-18 11:54 - 2015-12-18 12:16 - 383717057 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S09E06.HDTV.x264-CRiMSON.mp4
2015-12-18 11:04 - 2015-12-29 18:18 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-12-17 21:22 - 2015-12-17 21:41 - 344537159 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S0901.HDTV.x264-CRiMSON.mp4
2015-12-17 17:11 - 2015-12-17 17:29 - 314227704 _____ C:\Users\Daniela\Downloads\Release-DDL.com_Keeping.Up.with.the.Kardashians.S07E15.HDTV.x264-CRiMSON.mp4
2015-12-17 16:03 - 2015-12-17 16:22 - 335342725 _____ C:\Users\Daniela\Downloads\Keeping.Up.with.the.Kardashians.S07E13---Mothers-and-daughters.mp4
2015-12-17 14:40 - 2015-12-17 15:09 - 505451725 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians---s07e11-Affairs-of-the-Everhart.m4v
2015-12-17 11:55 - 2015-12-17 12:13 - 329407623 _____ C:\Users\Daniela\Downloads\Keeping_Up_with_the_Kardashians_S07E08_Sometimes_You_Need_to_Adjust_HDTV_X264-CRiMSON.mp4
2015-12-16 22:47 - 2015-12-16 23:09 - 399599085 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians-s07e06---Dominican-republic.mp4
2015-12-16 20:13 - 2015-12-16 20:58 - 780070146 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians-s07e04.avi
2015-12-15 22:41 - 2015-12-15 23:11 - 533776760 _____ C:\Users\Daniela\Downloads\Keeping-up-with-the-Kardashians-s06e14---Kim's-fairytale-wedding-Part-1.avi
2015-12-15 19:04 - 2015-12-15 19:14 - 182918320 _____ C:\Users\Daniela\Downloads\keeping.up.with.the.kardashians.s06e09.hdtv.xvid-crimson.avi
2015-12-15 13:30 - 2015-12-15 13:40 - 185292314 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S05E09.Kris.The.Cougar.Jenner.xvid.dsr.avi
2015-12-14 23:30 - 2015-12-14 23:41 - 184446020 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.DSR.S05E01.avi
2015-12-14 21:55 - 2015-12-14 22:15 - 366149632 _____ C:\Users\Daniela\Downloads\keeping.up.with.the.kardashians.s04e06.body.blows.hdtv.xvid-momentum.avi
2015-12-14 17:03 - 2015-12-14 17:13 - 183539712 _____ C:\Users\Daniela\Downloads\Keeping.Up.With.The.Kardashians.S03E05.DVDRip.XviD-aAF.avi
2015-12-14 13:21 - 2015-12-14 13:32 - 183128246 _____ C:\Users\Daniela\Downloads\Keeping.Up.with.the.Kardashians.S02E02.DSR.XviD-2SD.avi
2015-12-14 11:39 - 2015-12-14 12:03 - 425550700 _____ C:\Users\Daniela\Downloads\Keeping.Up.with.the.Kardashians.S10E04.No.Retreat.HDTVx264-LTBS.mp4
2015-12-13 23:20 - 2015-12-13 23:45 - 443811606 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S10E02.HDTV.XviD-AFG_watchseries-online.ch.avi
2015-12-13 22:18 - 2015-12-13 22:35 - 305318485 _____ C:\Users\Daniela\Downloads\Keeping.up.with.the.Kardashians.S10E01.HDTV.x264-CRiMSON.mp4
2015-12-13 21:56 - 2015-12-13 22:00 - 180199424 _____ C:\Users\Daniela\Downloads\The-Big-Bang-Theory-S09E07-CZ-titulky.avi
2015-12-13 21:55 - 2015-12-13 21:59 - 176715602 _____ C:\Users\Daniela\Downloads\The-Big-Bang-Theory---S09E06---The-Helium-Insufficiency-CZ-tit.avi
2015-12-13 19:03 - 2015-12-13 19:30 - 364869632 _____ C:\Users\Daniela\Downloads\Upíří-deníky-(The-Vampire-diaries)-7x09-CZ-titulky.avi
2015-12-13 18:24 - 2015-12-13 18:45 - 364900352 _____ C:\Users\Daniela\Downloads\Upíří-deníky-(The-Vampire-diaries)-7x08-CZ-titulky.avi
2015-12-13 17:43 - 2015-12-13 18:06 - 366006272 _____ C:\Users\Daniela\Downloads\Upíří-deníky-(The-Vampire-diaries)-7x07-CZ-titulky.avi
2015-12-13 17:10 - 2015-12-13 17:32 - 366014464 _____ C:\Users\Daniela\Downloads\Upíří-deníky-(The-Vampire-diaries)-7x06-CZ-titulky.avi
2015-12-13 16:36 - 2015-12-13 16:57 - 364922880 _____ C:\Users\Daniela\Downloads\Upíří-deníky-7x05-CZ-titulky.avi
2015-12-13 15:54 - 2015-12-13 16:17 - 364939264 _____ C:\Users\Daniela\Downloads\Upíří-deníky-7x04-CZ-titulky.avi
2015-12-13 15:30 - 2015-12-13 15:51 - 364951552 _____ C:\Users\Daniela\Downloads\Upíří-deníky-(The-Vampire-diaries)-7x03-CZ-titulky.avi
2015-12-10 18:19 - 2015-12-10 18:19 - 00000000 ____D C:\Users\Daniela\AppData\Roaming\Maxthon3
2015-12-09 11:12 - 2015-09-19 04:18 - 00035384 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-12-09 11:12 - 2015-09-18 14:42 - 01290752 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-12-09 11:12 - 2015-09-18 14:42 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-12-09 11:12 - 2015-09-18 14:42 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-12-09 11:12 - 2015-09-18 14:42 - 00699904 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-12-09 11:12 - 2015-09-18 14:42 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-12-09 11:12 - 2015-09-18 14:42 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-12-09 10:20 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2015-12-09 10:20 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2015-12-09 10:20 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2015-12-09 10:20 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2015-12-09 10:20 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-12-09 10:20 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-12-09 10:20 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll
2015-12-09 10:20 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptsslp.dll
2015-12-09 10:20 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-12-09 10:20 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-12-09 10:19 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2015-12-09 10:19 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2015-12-09 10:19 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tunnel.sys
2015-12-09 10:19 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\windows\system32\AuthHost.exe
2015-12-09 10:19 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-12-09 10:19 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-12-09 10:19 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2015-12-09 10:19 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2015-12-09 10:18 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-12-09 10:17 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-12-09 10:17 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-12-09 10:17 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2015-12-09 10:17 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-12-09 10:17 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-12-09 10:17 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-12-09 10:17 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-12-09 10:17 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-12-09 10:17 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-12-09 10:17 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-12-09 10:17 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-12-09 10:17 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-12-09 10:17 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-12-09 10:17 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-12-09 10:17 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-12-09 10:17 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-12-09 10:17 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2015-12-09 10:17 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-12-09 10:17 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-12-09 10:17 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-12-09 10:17 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-12-09 10:17 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-12-09 10:17 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-12-09 10:17 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-12-09 10:17 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-12-09 10:17 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-12-09 10:17 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-12-09 10:17 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-12-09 10:17 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-12-09 10:17 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-12-09 10:17 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-12-09 10:17 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-12-09 10:17 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-12-09 10:17 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-12-09 10:17 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2015-12-09 10:17 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-12-09 10:17 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-12-09 10:17 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-12-09 10:16 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\kbdgeoqw.dll
2015-12-09 10:16 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZST.DLL
2015-12-09 10:16 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZEL.DLL
2015-12-09 10:16 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZE.DLL
2015-12-09 10:16 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdgeoqw.dll
2015-12-09 10:16 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZST.DLL
2015-12-09 10:16 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZEL.DLL
2015-12-09 10:16 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZE.DLL
2015-12-09 10:16 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2015-12-09 10:16 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2015-12-09 10:16 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2015-12-09 10:16 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\windows\SysWOW64\GlobCollationHost.dll
2015-12-09 10:16 - 2015-10-22 15:08 - 00513456 _____ C:\windows\SysWOW64\locale.nls
2015-12-09 10:16 - 2015-10-22 15:08 - 00513456 _____ C:\windows\system32\locale.nls
2015-12-09 10:12 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-12-09 10:12 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-12-09 10:12 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-12-09 10:12 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-12-09 10:12 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-12-09 10:12 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-12-09 10:12 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2015-12-09 10:12 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-12-09 10:11 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-12-09 10:11 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-12-09 10:11 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-12-09 10:11 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-12-09 10:11 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-12-09 10:11 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-12-09 10:11 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-12-09 10:11 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-12-09 10:11 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-12-09 10:11 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2015-12-09 10:11 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2015-12-09 10:11 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2015-12-09 10:11 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2015-12-09 10:11 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2015-12-09 10:11 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2015-12-09 10:11 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2015-12-09 10:10 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-12-09 10:10 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-12-09 10:10 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-12-09 10:10 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-12-09 10:10 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-12-09 10:10 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-12-09 10:10 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-12-09 10:10 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-12-09 10:10 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-12-09 10:10 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-12-09 10:10 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-12-09 10:10 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-12-09 10:10 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-12-09 10:10 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2015-12-09 10:10 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-12-09 10:10 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-12-09 10:10 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-12-09 10:10 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2015-12-09 10:10 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-12-09 10:10 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2015-12-09 10:10 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2015-12-09 10:10 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-12-09 10:10 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-12-09 10:10 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-12-09 10:10 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-12-09 10:10 - 2015-10-11 07:34 - 00468824 ____C (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2015-12-09 10:10 - 2015-10-11 07:34 - 00462168 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2015-12-09 10:10 - 2015-10-11 07:34 - 00443224 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2015-12-09 10:10 - 2015-10-11 07:34 - 00092504 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2015-12-09 10:10 - 2015-10-11 07:34 - 00027992 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2015-12-09 10:10 - 2015-10-10 19:41 - 00037376 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2015-12-09 10:10 - 2015-10-10 19:41 - 00030208 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2015-12-09 10:10 - 2015-10-10 19:40 - 00078848 ____C (Microsoft Corporation) C:\windows\system32\Drivers\winusb.sys
2015-12-09 10:10 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\windows\system32\PCPKsp.dll
2015-12-09 10:10 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\PCPKsp.dll
2015-12-09 10:10 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\wininit.exe
2015-12-09 10:10 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2015-12-09 10:10 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-12-09 10:10 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-12-09 10:10 - 2015-09-24 17:42 - 00348672 _____ (Microsoft Corporation) C:\windows\system32\bdesvc.dll
2015-12-09 10:10 - 2015-09-24 17:40 - 00737280 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2015-12-09 10:10 - 2015-09-12 14:47 - 00414559 _____ C:\windows\system32\ApnDatabase.xml
2015-12-09 10:09 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2015-12-09 10:09 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2015-12-09 10:09 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2015-12-09 10:09 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2015-12-09 10:09 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2015-12-09 10:09 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2015-12-09 10:09 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2015-12-09 09:53 - 2015-12-30 16:05 - 00001279 _____ C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-30 16:27 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-30 16:11 - 2015-05-22 19:50 - 00003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-480796221-827829538-3836116632-1001
2015-12-30 16:08 - 2014-12-21 11:02 - 00000000 ____D C:\windows\System32\Tasks\Lenovo
2015-12-30 16:05 - 2015-05-22 19:53 - 00000000 ____D C:\ProgramData\LU
2015-12-30 16:02 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2015-12-30 15:59 - 2015-05-22 20:11 - 00000970 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-30 15:59 - 2015-05-22 20:03 - 00003962 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{751B5098-7398-43ED-8176-BBA35A89382D}
2015-12-30 15:57 - 2015-07-27 20:18 - 00000000 ____D C:\Users\Daniela\AppData\Roaming\Skype
2015-12-30 15:56 - 2015-07-12 21:43 - 00000000 ____D C:\Users\Daniela\Tracing
2015-12-30 15:56 - 2015-05-22 20:11 - 00000966 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-30 15:56 - 2015-05-22 19:53 - 00000000 ____D C:\Users\Daniela\OneDrive
2015-12-30 15:55 - 2014-12-21 10:32 - 00000000 ____D C:\ProgramData\Validity
2015-12-30 15:55 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-12-30 15:54 - 2015-06-13 20:12 - 00000000 ____D C:\Users\Daniela\AppData\Local\CrashDumps
2015-12-29 18:23 - 2014-12-21 10:53 - 00739924 _____ C:\windows\system32\perfh005.dat
2015-12-29 18:23 - 2014-12-21 10:53 - 00151610 _____ C:\windows\system32\perfc005.dat
2015-12-29 18:23 - 2014-03-18 10:53 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2015-12-29 18:23 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2015-12-29 18:05 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\GroupPolicy
2015-12-27 21:29 - 2013-08-22 16:43 - 00000000 ____D C:\windows\DigitalLocker
2015-12-27 14:07 - 2015-05-23 11:24 - 00000000 ___RD C:\Users\Daniela\Desktop\Lenovo věci
2015-12-27 14:07 - 2013-08-22 16:36 - 00000000 ____D C:\windows\schemas
2015-12-27 10:10 - 2015-05-22 20:17 - 00001317 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-27 10:10 - 2015-05-22 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-27 10:10 - 2015-05-22 19:44 - 00000996 _____ C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-27 10:10 - 2014-12-21 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2015-12-26 16:34 - 2015-10-03 18:52 - 00000000 ____D C:\Users\Daniela\Desktop\škola
2015-12-26 11:46 - 2014-12-21 11:07 - 00000000 ____D C:\ProgramData\McAfee
2015-12-26 11:45 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\BBI
2015-12-26 11:44 - 2013-08-22 16:36 - 00000000 ___HD C:\windows\ELAMBKUP
2015-12-26 11:44 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\ELAM
2015-12-26 11:43 - 2015-06-28 16:08 - 00000000 ____D C:\windows\System32\Tasks\McAfee
2015-12-26 01:29 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
2015-12-18 20:18 - 2015-06-13 23:26 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-12-18 20:18 - 2015-06-13 23:26 - 00000000 ___SD C:\windows\system32\GWX
2015-12-12 22:30 - 2015-07-12 21:37 - 00003092 _____ C:\windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-480796221-827829538-3836116632-1001
2015-12-12 22:22 - 2015-07-09 08:30 - 00000000 ____D C:\windows\system32\appraiser
2015-12-12 22:22 - 2015-05-23 13:52 - 00000000 ___SD C:\windows\system32\CompatTel
2015-12-10 18:20 - 2015-07-27 20:16 - 00000000 ____D C:\ProgramData\Skype
2015-12-10 18:16 - 2013-08-22 15:44 - 00371304 _____ C:\windows\system32\FNTCACHE.DAT
2015-12-09 22:57 - 2013-08-22 16:36 - 00000000 ___RD C:\windows\ToastData
2015-12-09 10:59 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-09 10:59 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2015-12-09 10:50 - 2015-05-23 11:31 - 00000000 ____D C:\windows\system32\MRT
2015-12-09 09:53 - 2015-05-22 20:11 - 00003942 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-09 09:53 - 2015-05-22 20:11 - 00003706 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-01 18:19 - 2015-05-23 14:02 - 00826872 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-12-01 18:19 - 2015-05-23 14:02 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2015-05-22 19:52 - 2015-05-31 14:04 - 0006053 _____ () C:\Users\Daniela\AppData\Roaming\AbsoluteReminder.xml
2014-12-21 10:24 - 2014-12-21 10:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Daniela\Desktop" je 16350 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: infected laptop
This is the Additional log; is everything OK like this?
Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-12-2015
Ran by Daniela (2015-12-30 16:31:04)
Running from C:\Users\Daniela\Desktop
Windows 8.1 Connected (X64) (2015-05-22 18:43:38)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-480796221-827829538-3836116632-500 - Administrator - Disabled)
Daniela (S-1-5-21-480796221-827829538-3836116632-1001 - Administrator - Enabled) => C:\Users\Daniela
Guest (S-1-5-21-480796221-827829538-3836116632-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.1 - Absolute Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{3E69CC95-C0F6-4C74-8F43-74F9046F20B2}) (Version: 1.0.10 - Amazon)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.16 - Lenovo)
Energy Manager (x32 Version: 1.5.0.16 - Lenovo) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.0 - Lenovo) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.38.2 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo Security Suite (HKLM-x32\...\{184F6D30-2A4C-4BDD-85FF-BE4ABBB4232C}) (Version: 1.0.1.15 - Lenovo)
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.42 - Lenovo)
Lenovo Settings (x32 Version: 1.0.0.42 - Lenovo) Hidden
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.59 - Lenovo)
Lenovo Updates (x32 Version: 1.1.0.59 - Lenovo) Hidden
Lenovo USB Blocker (HKLM-x32\...\InstallShield_{18706F18-ACE4-4510-A59C-104693E7978B}) (Version: 1.0.0.37 - Lenovo)
Lenovo USB Blocker (x32 Version: 1.0.0.37 - Lenovo) Hidden
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-480796221-827829538-3836116632-1001\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.29071 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7254 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.103 - Skype Technologies S.A.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Validity WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.247.0 - )
Validity WBF DDK 5011 (HKLM\...\{B38B22CB-F5BA-4803-BE59-EDD70D71CB2F}) (Version: 4.5.247.0 - Validity Sensors, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1E0DF930-0AE3-4F60-AC7F-9AC2E4BA1990} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {2AD7FC4B-4DEC-433C-BF10-93C3CD914560} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {4284B64B-7863-4BD8-9751-58E0BB334580} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {5251CBC5-DFF3-4F8F-89B9-DFCF59D9E590} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: {6FF58B14-97DE-4700-A9F6-7D0C435A94C3} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {76182D36-B891-4335-9E90-0398FB1EE72B} - System32\Tasks\Opera scheduled Autoupdate 1451409725 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-04] (Opera Software)
Task: {7CCBDE18-B08E-4B6C-95B8-657D719F9737} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {8007E0E2-661C-4719-9CD1-7A4099E4C989} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-480796221-827829538-3836116632-1001 => C:\Users\Daniela\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-12] (Microsoft Corporation)
Task: {9208B582-43FB-4B04-A4FE-4A31739D4A30} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {B3AA68D5-440A-43A6-93AE-97F694D8D72C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-11-23] (Microsoft Corporation)
Task: {B658F767-682C-4ED2-8551-507D4079AE7F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {BB08F742-21A7-444F-95C8-091437DE9D6D} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2014-09-11] (Maxthon International ltd.)
Task: {BC3AC0FA-689B-47A8-8D23-2BCBE0D411B6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {C0AA8C3D-4C7C-4D2D-B771-A73535E4EC54} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {CD1FDC3B-C9E4-4122-B1D5-0ACEBFFE823A} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {D55412B9-FAE6-4A23-BA6C-D09EC9E7F726} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-08-19] (Lenovo)
Task: {D8BACF88-1E20-4E1B-824B-5E8FD3505BF3} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {F8C8C472-5CC2-4B0F-B930-1EEC1102902B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {FDF2577D-2E65-4FA0-A0C3-5AC6A580387A} - \OFFICE2013ACT -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============

