Dobrý večer, prosím o kontrolu logu, neustále mi vyskakují nechtěné reklamy. Díky.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2016-11-15 17:28:40
Microsoft Windows 8.1
System drive C: has 387 GB (86%) free of 450 GB
Total RAM: 4007 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:28:47, on 15. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
C:\Windows\jmesoft\hotkey.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Users\Lenka\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Users\Lenka\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
C:\Program Files\trend micro\Lenka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [jmekey] C:\windows\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe
O4 - HKLM\..\Run: [LVT] C:\Program Files\Lenovo\LVT\LJYZ.exe 1
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: FacebookGamesNotifier.exe.lnk = Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: JME Keyboard Driver (JME Keyboard) - Unknown owner - C:\Windows\jmesoft\Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 9523 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe"
C:\Windows\jmesoft\Service.exe
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-201af1f3-6221-4fa9-897d-b89390cc24fd -SystemEventPortName:HostProcess-1c61abbd-a844-491e-8c96-88ba98dca1bc -IoCancelEventPortName:HostProcess-0d6f7cbe-777a-4375-a7d6-48beb28579d5 -NonStateChangingEventPortName:HostProcess-2ccfb826-c34e-4364-a98c-72f163417cd0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:26a9920c-1815-4495-aef8-6ef2b14c2ad0 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x1418_0x15cc_0x7b18ae11"
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
taskhostex.exe
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Dolby Digital Plus\ddp.exe" -autostart
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe"
"C:\Windows\jmesoft\hotkey.exe"
"C:\Windows\jmesoft\JME_LOAD.exe"
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
CefSharp.BrowserSubprocess.exe --type=gpu-process --channel="3032.0.550172412\643067597" --no-sandbox --lang=en-US --log-file="C:\Users\Lenka\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.0.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.0.0.0]" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,16,25,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x1606 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4501 --lang=en-US --log-file="C:\Users\Lenka\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.0.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.0.0.0]" /prefetch:2
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=54.0.2840.71 --handshake-handle=0x114
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,14,15,16,19,33,50,59 --gpu-vendor-id=0x8086 --gpu-device-id=0x1606 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4501 --gpu-driver-date=8-11-2016 --mojo-application-channel-token=7205FA9F62D5622659D2A7B0511067FE --mojo-platform-channel-handle=1148 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=5B8821E0933DA613947EB023B68B8784 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=5B8821E0933DA613947EB023B68B8784 --channel="4336.3.98156008\974166769" --mojo-platform-channel-handle=2584 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=BA86B13A71892C6DF68DCD4F926FADCA --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=BA86B13A71892C6DF68DCD4F926FADCA --channel="4336.4.314611576\61500069" --mojo-platform-channel-handle=2324 /prefetch:1
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
CefSharp.BrowserSubprocess.exe --type=renderer --force-device-scale-factor=1 --no-sandbox --lang=en-US --lang=en-US --log-file="C:\Users\Lenka\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.0.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.0.0.0]" --enable-system-flash=1 --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3032.1.2142102194\1569501626" /prefetch:1 --wcf-enabled
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=552883ED487D940063D5F9D4C42437E3 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=552883ED487D940063D5F9D4C42437E3 --channel="4336.12.265768376\1195405117" --mojo-platform-channel-handle=6936 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=D3796A4EFA8D20C9089D6805D5F89F9D --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=D3796A4EFA8D20C9089D6805D5F89F9D --channel="4336.15.241593882\337927259" --mojo-platform-channel-handle=6932 /prefetch:1
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe19_ Global\UsGthrCtrlFltPipeMssGthrPipe19 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\Lenka\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\1h08qw72.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-26 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-26 664848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-06-25 36352]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-08-14 13675736]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-01 1396592]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-01 1396592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-04-15 8698584]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-06-09 2917456]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"jmekey"=C:\windows\jmesoft\hotkey.exe [2013-07-24 118784]
"jmesoft"=C:\Windows\jmesoft\ServiceLoader.exe [2011-08-17 28672]
"LVT"=C:\Program Files\Lenovo\LVT\LJYZ.exe [2011-11-24 886112]
"CLMLServer"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [2009-12-05 103720]
"UpdateP2GoShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-10 9044392]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]
C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
FacebookGamesNotifier.exe.lnk - C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-15 17:28:41 ----D---- C:\Program Files\trend micro
2016-11-15 17:28:40 ----D---- C:\rsit
2016-11-13 13:52:44 ----D---- C:\WINDOWS\Cache
2016-11-13 13:52:13 ----D---- C:\Program Files (x86)\3DO
2016-11-13 13:44:36 ----D---- C:\ProgramData\InstallShield
2016-11-09 23:05:28 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft
2016-11-09 07:25:13 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-09 07:25:11 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-09 07:25:09 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-09 07:25:08 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-09 07:25:07 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-09 07:25:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-09 07:25:05 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-09 07:25:05 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-11-09 07:25:04 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 07:25:03 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-09 07:25:02 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-09 07:25:02 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-09 07:25:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-09 07:24:59 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-09 07:24:59 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-09 07:24:58 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-09 07:24:58 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2016-11-09 07:24:57 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2016-11-09 07:24:56 ----A---- C:\WINDOWS\system32\SessEnv.dll
2016-11-09 07:24:56 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-09 07:24:55 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2016-11-09 07:24:55 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2016-11-09 07:24:52 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-09 07:24:52 ----A---- C:\WINDOWS\system32\pdh.dll
2016-11-09 07:24:52 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-09 07:24:51 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\SYSWOW64\pdh.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\localspl.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-09 07:24:46 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-11-09 07:24:46 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-09 07:24:45 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-09 07:24:45 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\SYSWOW64\iscsidsc.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\xolehlp.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\iscsidsc.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-09 07:24:42 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-09 07:24:42 ----A---- C:\WINDOWS\system32\input.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-11-09 07:24:38 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-09 07:24:37 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\certcli.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\jscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-11-09 07:24:32 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-06 20:31:22 ----D---- C:\Users\Lenka\AppData\Roaming\YoudaGames
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_5.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\SYSWOW64\d3dcsx_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2016-11-06 20:29:46 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_43.dll
2016-11-06 20:29:46 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_6.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_4.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_6.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_7.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2016-10-30 19:04:00 ----D---- C:\Program Files (x86)\Next Stop 2
2016-10-30 17:26:25 ----D---- C:\Users\Lenka\AppData\Roaming\Laruaville5
2016-10-30 17:25:23 ----D---- C:\Program Files (x86)\Laruaville 5
2016-10-26 20:16:25 ----D---- C:\Users\Lenka\AppData\Roaming\ToyDefenseFantasy
2016-10-23 13:16:21 ----D---- C:\Program Files (x86)\Weather Lord - Royal Holidays Collectors Edition
2016-10-23 13:09:37 ----D---- C:\ProgramData\Big Fish
2016-10-23 13:09:36 ----D---- C:\Program Files (x86)\bfgclient
2016-10-23 13:07:45 ----D---- C:\BigFishCache
2016-10-19 16:15:33 ----D---- C:\Users\Lenka\AppData\Roaming\Atlantic Quest 3-v-0-0-18
======List of files/folders modified in the last 1 month======
2016-11-15 17:28:41 ----RD---- C:\Program Files
2016-11-15 17:00:00 ----D---- C:\WINDOWS\system32\sru
2016-11-15 16:51:49 ----D---- C:\WINDOWS\Prefetch
2016-11-15 16:49:15 ----D---- C:\WINDOWS\Microsoft.NET
2016-11-15 15:48:12 ----D---- C:\WINDOWS\system32\config
2016-11-15 15:19:37 ----D---- C:\WINDOWS\system32\drivers
2016-11-15 15:19:06 ----D---- C:\WINDOWS\Temp
2016-11-15 14:19:12 ----RAD---- C:\WINDOWS\System32
2016-11-15 14:19:12 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-14 15:08:26 ----D---- C:\WINDOWS\Inf
2016-11-14 15:08:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-13 15:02:28 ----HD---- C:\ProgramData
2016-11-13 13:54:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-13 13:54:47 ----SHD---- C:\WINDOWS\Installer
2016-11-13 13:54:27 ----D---- C:\ProgramData\Adobe
2016-11-13 13:54:26 ----D---- C:\Program Files (x86)\Common Files
2016-11-13 13:54:25 ----D---- C:\Program Files (x86)\Adobe
2016-11-13 13:52:44 ----AD---- C:\Windows
2016-11-13 13:52:13 ----RD---- C:\Program Files (x86)
2016-11-13 13:49:41 ----D---- C:\Program Files (x86)\Ubisoft
2016-11-13 13:45:45 ----SHD---- C:\System Volume Information
2016-11-11 14:34:31 ----D---- C:\WINDOWS\AppReadiness
2016-11-10 10:39:44 ----D---- C:\WINDOWS\rescache
2016-11-09 23:06:24 ----D---- C:\WINDOWS\WinSxS
2016-11-09 23:05:28 ----D---- C:\WINDOWS\SysWOW64
2016-11-09 23:00:16 ----RD---- C:\WINDOWS\ToastData
2016-11-09 23:00:14 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-09 23:00:14 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-09 23:00:14 ----D---- C:\Program Files\Internet Explorer
2016-11-09 23:00:14 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-09 23:00:13 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-11-09 23:00:12 ----D---- C:\WINDOWS\system32\migration
2016-11-09 23:00:12 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-09 23:00:11 ----D---- C:\WINDOWS\system32\en-US
2016-11-09 23:00:07 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-09 22:55:23 ----D---- C:\WINDOWS\CbsTemp
2016-11-09 08:02:25 ----D---- C:\WINDOWS\system32\MRT
2016-11-09 07:58:39 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-09 07:08:27 ----D---- C:\WINDOWS\system32\catroot2
2016-11-08 16:00:26 ----D---- C:\WINDOWS\system32\Macromed
2016-11-08 16:00:23 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-11-08 15:31:37 ----D---- C:\WINDOWS\LiveKernelReports
2016-11-06 20:29:07 ----RSD---- C:\WINDOWS\assembly
2016-11-06 20:26:56 ----D---- C:\WINDOWS\Logs
2016-11-04 14:59:11 ----D---- C:\WINDOWS\debug
2016-11-04 06:42:24 ----D---- C:\WINDOWS\SoftwareDistribution
2016-10-30 20:28:25 ----AD---- C:\ProgramData\Temp
2016-10-28 22:04:26 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-22 12:57:07 ----D---- C:\Users\Lenka\AppData\Roaming\AlawarEntertainment
2016-10-18 19:25:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-10-18 18:20:19 ----D---- C:\WINDOWS\system32\NDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-09-26 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-14 293352]
R0 BTATH_BUS;@oem7.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-26 35016]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-06-25 670056]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-09-26 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-09-26 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-26 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-26 513632]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-09-26 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-09-26 163416]
R3 AthBTPort;@oem10.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2014-02-26 89800]
R3 athr;@oem69.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-11-13 3880448]
R3 BTATH_A2DP;@oem9.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2014-02-26 355528]
R3 btath_avdt;@oem9.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2014-02-26 118984]
R3 BTATH_HCRP;@oem12.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2014-02-26 179432]
R3 BTATH_LWFLT;@oem14.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2014-02-26 77464]
R3 BTATH_RCP;@oem16.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2014-02-26 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-02-26 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-08-18 7949800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-09-09 4205144]
R3 iwdbus;@oem5.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-07 39920]
R3 MEIx64;@oem66.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-10-10 129312]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem71.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2013-10-18 290520]
R3 RTL8168;@oem68.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 rtsuvc;@oem47.inf,%rtsuvc.DeviceDesc%;Lenovo USB2.0 UVC Camera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2014-05-02 9112792]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-09-26 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-07 51704]
S3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2015-06-05 212736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-02-26 319104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-26 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-06-25 16232]
R2 IdeaTouch.LocalDataServer.Education;IdeaTouch.LocalDataServer.Education; C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe [2012-05-17 7680]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-08-18 365032]
R2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-10-10 132896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-10-10 158496]
R2 JME Keyboard;JME Keyboard Driver; C:\Windows\jmesoft\Service.exe [2011-08-17 32768]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-10-10 409376]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-10-08 389896]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2016-09-04 350064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08 270016]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-08-18 292832]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2016-09-04 210288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-12-06 619776]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-12-02 272776]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-16 146888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-06-09 1518672]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Nechtěné reklamy
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nechtěné reklamy
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nechtěné reklamy
# AdwCleaner v6.030 - Logfile created 15/11/2016 at 20:08:38
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-11-15.1 [Server]
# Operating System : Windows 8.1 (X64)
# Username : Lenka - MILEMIMO
# Running from : C:\Users\Lenka\Downloads\adwcleaner_6.030.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
[-] File deleted: C:\Users\Lenka\AppData\Local\Microsoft\Internet Explorer\DOMStore\YYJ4T9YT\televisionfanatic.dl.myway[1].xml
[-] File deleted: C:\Users\Lenka\AppData\Local\Microsoft\Internet Explorer\DOMStore\W3794718\download.televisionfanatic[1].xml
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\download.televisionfanatic.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\myway.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\televisionfanatic.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\televisionfanatic.dl.myway.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\staticimgfarm.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ttdetect.staticimgfarm.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\staticimgfarm.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ttdetect.staticimgfarm.com
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1780 Bytes] - [15/11/2016 20:08:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [2045 Bytes] - [15/11/2016 20:08:10]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1926 Bytes] ##########
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-11-15.1 [Server]
# Operating System : Windows 8.1 (X64)
# Username : Lenka - MILEMIMO
# Running from : C:\Users\Lenka\Downloads\adwcleaner_6.030.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
[-] File deleted: C:\Users\Lenka\AppData\Local\Microsoft\Internet Explorer\DOMStore\YYJ4T9YT\televisionfanatic.dl.myway[1].xml
[-] File deleted: C:\Users\Lenka\AppData\Local\Microsoft\Internet Explorer\DOMStore\W3794718\download.televisionfanatic[1].xml
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\download.televisionfanatic.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\myway.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\televisionfanatic.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\televisionfanatic.dl.myway.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\staticimgfarm.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ttdetect.staticimgfarm.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\staticimgfarm.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ttdetect.staticimgfarm.com
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1780 Bytes] - [15/11/2016 20:08:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [2045 Bytes] - [15/11/2016 20:08:10]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1926 Bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nechtěné reklamy
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nechtěné reklamy
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2016-11-15 22:32:27
Microsoft Windows 8.1
System drive C: has 387 GB (86%) free of 450 GB
Total RAM: 4007 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:32:28, on 15. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
C:\Windows\jmesoft\hotkey.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Lenka\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Users\Lenka\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
C:\Program Files\trend micro\Lenka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [jmekey] C:\windows\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe
O4 - HKLM\..\Run: [LVT] C:\Program Files\Lenovo\LVT\LJYZ.exe 1
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: FacebookGamesNotifier.exe.lnk = Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: JME Keyboard Driver (JME Keyboard) - Unknown owner - C:\Windows\jmesoft\Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 9523 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe"
C:\Windows\jmesoft\Service.exe
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-45d25eea-5bb4-40c6-948c-55f35ec82e48 -SystemEventPortName:HostProcess-90e5a5a9-6268-41db-9821-9f6a9793bd04 -IoCancelEventPortName:HostProcess-609677ba-be98-4cd5-8d7c-40a2ad2a641d -NonStateChangingEventPortName:HostProcess-94ade768-5f22-4323-8ed6-c75b1a657437 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d9399480-4814-4045-b8a0-e9f2f23dfe21 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
taskhostex.exe
"C:\Program Files\Dolby Digital Plus\ddp.exe" -autostart
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe"
"C:\Windows\jmesoft\hotkey.exe"
"C:\Windows\jmesoft\JME_LOAD.exe"
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
CefSharp.BrowserSubprocess.exe --type=gpu-process --channel="4080.0.234754419\1484530892" --no-sandbox --lang=en-US --log-file="C:\Users\Lenka\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.0.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.0.0.0]" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,16,25,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x1606 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4501 --lang=en-US --log-file="C:\Users\Lenka\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.0.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.0.0.0]" /prefetch:2
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0xfec_0x4a0_0x4a5df8ca"
CefSharp.BrowserSubprocess.exe --type=renderer --force-device-scale-factor=1 --no-sandbox --lang=en-US --lang=en-US --log-file="C:\Users\Lenka\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.0.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.0.0.0]" --enable-system-flash=1 --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4080.1.2086435989\1963138627" /prefetch:1 --wcf-enabled
ctfmon.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lenka\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\1h08qw72.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-26 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-26 664848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-06-25 36352]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-08-14 13675736]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-01 1396592]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-01 1396592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-04-15 8698584]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-06-09 2917456]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"jmekey"=C:\windows\jmesoft\hotkey.exe [2013-07-24 118784]
"jmesoft"=C:\Windows\jmesoft\ServiceLoader.exe [2011-08-17 28672]
"LVT"=C:\Program Files\Lenovo\LVT\LJYZ.exe [2011-11-24 886112]
"CLMLServer"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [2009-12-05 103720]
"UpdateP2GoShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-10 9044392]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]
C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
FacebookGamesNotifier.exe.lnk - C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-15 20:06:32 ----D---- C:\AdwCleaner
2016-11-15 17:28:41 ----D---- C:\Program Files\trend micro
2016-11-15 17:28:40 ----D---- C:\rsit
2016-11-13 13:52:44 ----D---- C:\WINDOWS\Cache
2016-11-13 13:52:13 ----D---- C:\Program Files (x86)\3DO
2016-11-13 13:44:36 ----D---- C:\ProgramData\InstallShield
2016-11-09 23:05:28 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft
2016-11-09 07:25:13 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-09 07:25:11 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-09 07:25:09 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-09 07:25:08 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-09 07:25:07 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-09 07:25:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-09 07:25:05 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-09 07:25:05 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-11-09 07:25:04 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 07:25:03 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-09 07:25:02 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-09 07:25:02 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-09 07:25:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-09 07:24:59 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-09 07:24:59 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-09 07:24:58 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-09 07:24:58 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2016-11-09 07:24:57 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2016-11-09 07:24:56 ----A---- C:\WINDOWS\system32\SessEnv.dll
2016-11-09 07:24:56 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-09 07:24:55 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2016-11-09 07:24:55 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2016-11-09 07:24:52 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-09 07:24:52 ----A---- C:\WINDOWS\system32\pdh.dll
2016-11-09 07:24:52 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-09 07:24:51 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\SYSWOW64\pdh.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\localspl.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-09 07:24:46 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-11-09 07:24:46 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-09 07:24:45 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-09 07:24:45 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\SYSWOW64\iscsidsc.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\xolehlp.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\iscsidsc.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-09 07:24:42 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-09 07:24:42 ----A---- C:\WINDOWS\system32\input.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-11-09 07:24:38 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-09 07:24:37 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\certcli.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\jscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-11-09 07:24:32 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-06 20:31:22 ----D---- C:\Users\Lenka\AppData\Roaming\YoudaGames
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_5.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\SYSWOW64\d3dcsx_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2016-11-06 20:29:46 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_43.dll
2016-11-06 20:29:46 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_6.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_4.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_6.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_7.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2016-10-30 19:04:00 ----D---- C:\Program Files (x86)\Next Stop 2
2016-10-30 17:26:25 ----D---- C:\Users\Lenka\AppData\Roaming\Laruaville5
2016-10-30 17:25:23 ----D---- C:\Program Files (x86)\Laruaville 5
2016-10-26 20:16:25 ----D---- C:\Users\Lenka\AppData\Roaming\ToyDefenseFantasy
2016-10-23 13:16:21 ----D---- C:\Program Files (x86)\Weather Lord - Royal Holidays Collectors Edition
2016-10-23 13:09:37 ----D---- C:\ProgramData\Big Fish
2016-10-23 13:09:36 ----D---- C:\Program Files (x86)\bfgclient
2016-10-23 13:07:45 ----D---- C:\BigFishCache
2016-10-19 16:15:33 ----D---- C:\Users\Lenka\AppData\Roaming\Atlantic Quest 3-v-0-0-18
======List of files/folders modified in the last 1 month======
2016-11-15 22:31:57 ----D---- C:\WINDOWS\Prefetch
2016-11-15 22:00:00 ----D---- C:\WINDOWS\system32\sru
2016-11-15 20:36:16 ----D---- C:\WINDOWS\system32\config
2016-11-15 20:27:16 ----D---- C:\WINDOWS\CbsTemp
2016-11-15 20:27:15 ----D---- C:\WINDOWS\WinSxS
2016-11-15 20:25:52 ----RAD---- C:\WINDOWS\System32
2016-11-15 20:25:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-11-15 20:25:52 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-15 20:25:52 ----D---- C:\WINDOWS\SysWOW64
2016-11-15 20:25:52 ----D---- C:\WINDOWS\system32\en-US
2016-11-15 20:25:52 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnsvr.exe
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnhupnp.dll
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnhpast.dll
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnet.dll
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnathlp.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnet.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnathlp.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dpwsockx.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dpmodemx.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dplayx.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dplaysvr.exe
2016-11-15 20:25:34 ----SHD---- C:\System Volume Information
2016-11-15 20:16:01 ----D---- C:\WINDOWS\Inf
2016-11-15 20:16:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-15 20:15:15 ----D---- C:\WINDOWS\Temp
2016-11-15 20:10:22 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-15 20:04:38 ----D---- C:\WINDOWS\Microsoft.NET
2016-11-15 17:28:41 ----RD---- C:\Program Files
2016-11-15 15:19:37 ----D---- C:\WINDOWS\system32\drivers
2016-11-13 15:02:28 ----HD---- C:\ProgramData
2016-11-13 13:54:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-13 13:54:47 ----SHD---- C:\WINDOWS\Installer
2016-11-13 13:54:27 ----D---- C:\ProgramData\Adobe
2016-11-13 13:54:26 ----D---- C:\Program Files (x86)\Common Files
2016-11-13 13:54:25 ----D---- C:\Program Files (x86)\Adobe
2016-11-13 13:52:44 ----AD---- C:\Windows
2016-11-13 13:52:13 ----RD---- C:\Program Files (x86)
2016-11-13 13:49:41 ----D---- C:\Program Files (x86)\Ubisoft
2016-11-11 14:34:31 ----D---- C:\WINDOWS\AppReadiness
2016-11-10 10:39:44 ----D---- C:\WINDOWS\rescache
2016-11-09 23:00:16 ----RD---- C:\WINDOWS\ToastData
2016-11-09 23:00:14 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-09 23:00:14 ----D---- C:\Program Files\Internet Explorer
2016-11-09 23:00:14 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-09 23:00:12 ----D---- C:\WINDOWS\system32\migration
2016-11-09 23:00:07 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-09 08:02:25 ----D---- C:\WINDOWS\system32\MRT
2016-11-09 07:58:39 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-09 07:08:27 ----D---- C:\WINDOWS\system32\catroot2
2016-11-08 16:00:26 ----D---- C:\WINDOWS\system32\Macromed
2016-11-08 16:00:23 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-11-08 15:31:37 ----D---- C:\WINDOWS\LiveKernelReports
2016-11-06 20:29:07 ----RSD---- C:\WINDOWS\assembly
2016-11-06 20:26:56 ----D---- C:\WINDOWS\Logs
2016-11-04 14:59:11 ----D---- C:\WINDOWS\debug
2016-11-04 06:42:24 ----D---- C:\WINDOWS\SoftwareDistribution
2016-10-30 20:28:25 ----AD---- C:\ProgramData\Temp
2016-10-28 22:04:26 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-22 12:57:07 ----D---- C:\Users\Lenka\AppData\Roaming\AlawarEntertainment
2016-10-18 19:25:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-10-18 18:20:19 ----D---- C:\WINDOWS\system32\NDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-09-26 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-14 293352]
R0 BTATH_BUS;@oem7.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-26 35016]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-06-25 670056]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-09-26 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-09-26 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-26 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-26 513632]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-09-26 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-09-26 163416]
R3 AthBTPort;@oem10.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2014-02-26 89800]
R3 athr;@oem69.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-11-13 3880448]
R3 BTATH_A2DP;@oem9.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2014-02-26 355528]
R3 btath_avdt;@oem9.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2014-02-26 118984]
R3 BTATH_HCRP;@oem12.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2014-02-26 179432]
R3 BTATH_LWFLT;@oem14.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2014-02-26 77464]
R3 BTATH_RCP;@oem16.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2014-02-26 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-02-26 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-08-18 7949800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-09-09 4205144]
R3 iwdbus;@oem5.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-07 39920]
R3 MEIx64;@oem66.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-10-10 129312]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem71.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2013-10-18 290520]
R3 RTL8168;@oem68.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 rtsuvc;@oem47.inf,%rtsuvc.DeviceDesc%;Lenovo USB2.0 UVC Camera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2014-05-02 9112792]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-09-26 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-07 51704]
S3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2015-06-05 212736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-02-26 319104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-26 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-06-25 16232]
R2 IdeaTouch.LocalDataServer.Education;IdeaTouch.LocalDataServer.Education; C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe [2012-05-17 7680]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-08-18 365032]
R2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-10-10 132896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-10-10 158496]
R2 JME Keyboard;JME Keyboard Driver; C:\Windows\jmesoft\Service.exe [2011-08-17 32768]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-10-10 409376]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-10-08 389896]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2016-09-04 350064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08 270016]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-08-18 292832]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2016-09-04 210288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-12-06 619776]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-12-02 272776]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-16 146888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-06-09 1518672]
-----------------EOF-----------------
Run by Lenka at 2016-11-15 22:32:27
Microsoft Windows 8.1
System drive C: has 387 GB (86%) free of 450 GB
Total RAM: 4007 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:32:28, on 15. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
C:\Windows\jmesoft\hotkey.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Lenka\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Users\Lenka\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
C:\Program Files\trend micro\Lenka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [jmekey] C:\windows\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe
O4 - HKLM\..\Run: [LVT] C:\Program Files\Lenovo\LVT\LJYZ.exe 1
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: FacebookGamesNotifier.exe.lnk = Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: JME Keyboard Driver (JME Keyboard) - Unknown owner - C:\Windows\jmesoft\Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 9523 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe"
C:\Windows\jmesoft\Service.exe
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-45d25eea-5bb4-40c6-948c-55f35ec82e48 -SystemEventPortName:HostProcess-90e5a5a9-6268-41db-9821-9f6a9793bd04 -IoCancelEventPortName:HostProcess-609677ba-be98-4cd5-8d7c-40a2ad2a641d -NonStateChangingEventPortName:HostProcess-94ade768-5f22-4323-8ed6-c75b1a657437 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d9399480-4814-4045-b8a0-e9f2f23dfe21 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
taskhostex.exe
"C:\Program Files\Dolby Digital Plus\ddp.exe" -autostart
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe"
"C:\Windows\jmesoft\hotkey.exe"
"C:\Windows\jmesoft\JME_LOAD.exe"
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
CefSharp.BrowserSubprocess.exe --type=gpu-process --channel="4080.0.234754419\1484530892" --no-sandbox --lang=en-US --log-file="C:\Users\Lenka\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.0.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.0.0.0]" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,16,25,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x1606 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4501 --lang=en-US --log-file="C:\Users\Lenka\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.0.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.0.0.0]" /prefetch:2
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0xfec_0x4a0_0x4a5df8ca"
CefSharp.BrowserSubprocess.exe --type=renderer --force-device-scale-factor=1 --no-sandbox --lang=en-US --lang=en-US --log-file="C:\Users\Lenka\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.0.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.0.0.0]" --enable-system-flash=1 --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4080.1.2086435989\1963138627" /prefetch:1 --wcf-enabled
ctfmon.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lenka\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\1h08qw72.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-26 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-26 664848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-06-25 36352]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-08-14 13675736]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-01 1396592]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-01 1396592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-04-15 8698584]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-06-09 2917456]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"jmekey"=C:\windows\jmesoft\hotkey.exe [2013-07-24 118784]
"jmesoft"=C:\Windows\jmesoft\ServiceLoader.exe [2011-08-17 28672]
"LVT"=C:\Program Files\Lenovo\LVT\LJYZ.exe [2011-11-24 886112]
"CLMLServer"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [2009-12-05 103720]
"UpdateP2GoShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-10 9044392]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]
C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
FacebookGamesNotifier.exe.lnk - C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-15 20:06:32 ----D---- C:\AdwCleaner
2016-11-15 17:28:41 ----D---- C:\Program Files\trend micro
2016-11-15 17:28:40 ----D---- C:\rsit
2016-11-13 13:52:44 ----D---- C:\WINDOWS\Cache
2016-11-13 13:52:13 ----D---- C:\Program Files (x86)\3DO
2016-11-13 13:44:36 ----D---- C:\ProgramData\InstallShield
2016-11-09 23:05:28 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft
2016-11-09 07:25:13 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-09 07:25:11 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-09 07:25:09 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-09 07:25:08 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-09 07:25:07 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-09 07:25:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-09 07:25:05 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-09 07:25:05 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-11-09 07:25:04 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 07:25:03 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-09 07:25:02 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-09 07:25:02 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-09 07:25:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-09 07:24:59 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-09 07:24:59 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-09 07:24:58 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-09 07:24:58 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2016-11-09 07:24:57 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2016-11-09 07:24:56 ----A---- C:\WINDOWS\system32\SessEnv.dll
2016-11-09 07:24:56 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-09 07:24:55 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2016-11-09 07:24:55 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2016-11-09 07:24:52 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-09 07:24:52 ----A---- C:\WINDOWS\system32\pdh.dll
2016-11-09 07:24:52 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-09 07:24:51 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\SYSWOW64\pdh.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\localspl.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-09 07:24:46 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-11-09 07:24:46 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-09 07:24:45 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-09 07:24:45 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\SYSWOW64\iscsidsc.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\xolehlp.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\iscsidsc.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-09 07:24:42 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-09 07:24:42 ----A---- C:\WINDOWS\system32\input.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-11-09 07:24:38 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-09 07:24:37 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\certcli.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\jscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-11-09 07:24:32 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-06 20:31:22 ----D---- C:\Users\Lenka\AppData\Roaming\YoudaGames
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_5.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\SYSWOW64\d3dcsx_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2016-11-06 20:29:46 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_43.dll
2016-11-06 20:29:46 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_6.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_4.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_6.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_7.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2016-10-30 19:04:00 ----D---- C:\Program Files (x86)\Next Stop 2
2016-10-30 17:26:25 ----D---- C:\Users\Lenka\AppData\Roaming\Laruaville5
2016-10-30 17:25:23 ----D---- C:\Program Files (x86)\Laruaville 5
2016-10-26 20:16:25 ----D---- C:\Users\Lenka\AppData\Roaming\ToyDefenseFantasy
2016-10-23 13:16:21 ----D---- C:\Program Files (x86)\Weather Lord - Royal Holidays Collectors Edition
2016-10-23 13:09:37 ----D---- C:\ProgramData\Big Fish
2016-10-23 13:09:36 ----D---- C:\Program Files (x86)\bfgclient
2016-10-23 13:07:45 ----D---- C:\BigFishCache
2016-10-19 16:15:33 ----D---- C:\Users\Lenka\AppData\Roaming\Atlantic Quest 3-v-0-0-18
======List of files/folders modified in the last 1 month======
2016-11-15 22:31:57 ----D---- C:\WINDOWS\Prefetch
2016-11-15 22:00:00 ----D---- C:\WINDOWS\system32\sru
2016-11-15 20:36:16 ----D---- C:\WINDOWS\system32\config
2016-11-15 20:27:16 ----D---- C:\WINDOWS\CbsTemp
2016-11-15 20:27:15 ----D---- C:\WINDOWS\WinSxS
2016-11-15 20:25:52 ----RAD---- C:\WINDOWS\System32
2016-11-15 20:25:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-11-15 20:25:52 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-15 20:25:52 ----D---- C:\WINDOWS\SysWOW64
2016-11-15 20:25:52 ----D---- C:\WINDOWS\system32\en-US
2016-11-15 20:25:52 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnsvr.exe
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnhupnp.dll
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnhpast.dll
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnet.dll
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnathlp.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnet.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnathlp.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dpwsockx.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dpmodemx.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dplayx.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dplaysvr.exe
2016-11-15 20:25:34 ----SHD---- C:\System Volume Information
2016-11-15 20:16:01 ----D---- C:\WINDOWS\Inf
2016-11-15 20:16:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-15 20:15:15 ----D---- C:\WINDOWS\Temp
2016-11-15 20:10:22 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-15 20:04:38 ----D---- C:\WINDOWS\Microsoft.NET
2016-11-15 17:28:41 ----RD---- C:\Program Files
2016-11-15 15:19:37 ----D---- C:\WINDOWS\system32\drivers
2016-11-13 15:02:28 ----HD---- C:\ProgramData
2016-11-13 13:54:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-13 13:54:47 ----SHD---- C:\WINDOWS\Installer
2016-11-13 13:54:27 ----D---- C:\ProgramData\Adobe
2016-11-13 13:54:26 ----D---- C:\Program Files (x86)\Common Files
2016-11-13 13:54:25 ----D---- C:\Program Files (x86)\Adobe
2016-11-13 13:52:44 ----AD---- C:\Windows
2016-11-13 13:52:13 ----RD---- C:\Program Files (x86)
2016-11-13 13:49:41 ----D---- C:\Program Files (x86)\Ubisoft
2016-11-11 14:34:31 ----D---- C:\WINDOWS\AppReadiness
2016-11-10 10:39:44 ----D---- C:\WINDOWS\rescache
2016-11-09 23:00:16 ----RD---- C:\WINDOWS\ToastData
2016-11-09 23:00:14 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-09 23:00:14 ----D---- C:\Program Files\Internet Explorer
2016-11-09 23:00:14 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-09 23:00:12 ----D---- C:\WINDOWS\system32\migration
2016-11-09 23:00:07 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-09 08:02:25 ----D---- C:\WINDOWS\system32\MRT
2016-11-09 07:58:39 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-09 07:08:27 ----D---- C:\WINDOWS\system32\catroot2
2016-11-08 16:00:26 ----D---- C:\WINDOWS\system32\Macromed
2016-11-08 16:00:23 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-11-08 15:31:37 ----D---- C:\WINDOWS\LiveKernelReports
2016-11-06 20:29:07 ----RSD---- C:\WINDOWS\assembly
2016-11-06 20:26:56 ----D---- C:\WINDOWS\Logs
2016-11-04 14:59:11 ----D---- C:\WINDOWS\debug
2016-11-04 06:42:24 ----D---- C:\WINDOWS\SoftwareDistribution
2016-10-30 20:28:25 ----AD---- C:\ProgramData\Temp
2016-10-28 22:04:26 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-22 12:57:07 ----D---- C:\Users\Lenka\AppData\Roaming\AlawarEntertainment
2016-10-18 19:25:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-10-18 18:20:19 ----D---- C:\WINDOWS\system32\NDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-09-26 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-14 293352]
R0 BTATH_BUS;@oem7.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-26 35016]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-06-25 670056]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-09-26 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-09-26 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-26 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-26 513632]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-09-26 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-09-26 163416]
R3 AthBTPort;@oem10.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2014-02-26 89800]
R3 athr;@oem69.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-11-13 3880448]
R3 BTATH_A2DP;@oem9.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2014-02-26 355528]
R3 btath_avdt;@oem9.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2014-02-26 118984]
R3 BTATH_HCRP;@oem12.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2014-02-26 179432]
R3 BTATH_LWFLT;@oem14.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2014-02-26 77464]
R3 BTATH_RCP;@oem16.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2014-02-26 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-02-26 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-08-18 7949800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-09-09 4205144]
R3 iwdbus;@oem5.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-07 39920]
R3 MEIx64;@oem66.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-10-10 129312]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem71.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2013-10-18 290520]
R3 RTL8168;@oem68.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 rtsuvc;@oem47.inf,%rtsuvc.DeviceDesc%;Lenovo USB2.0 UVC Camera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2014-05-02 9112792]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-09-26 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-07 51704]
S3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2015-06-05 212736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-02-26 319104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-26 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-06-25 16232]
R2 IdeaTouch.LocalDataServer.Education;IdeaTouch.LocalDataServer.Education; C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe [2012-05-17 7680]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-08-18 365032]
R2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-10-10 132896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-10-10 158496]
R2 JME Keyboard;JME Keyboard Driver; C:\Windows\jmesoft\Service.exe [2011-08-17 32768]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-10-10 409376]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-10-08 389896]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2016-09-04 350064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08 270016]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-08-18 292832]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2016-09-04 210288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-12-06 619776]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-12-02 272776]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-16 146888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-06-09 1518672]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nechtěné reklamy
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nechtěné reklamy
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2016-11-17 10:58:52
Microsoft Windows 8.1
System drive C: has 387 GB (86%) free of 450 GB
Total RAM: 4007 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:58:55, on 17. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
C:\Windows\jmesoft\hotkey.exe
C:\Program Files\Lenovo\LVT\LJYZ.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Users\Lenka\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\trend micro\Lenka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [jmekey] C:\windows\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe
O4 - HKLM\..\Run: [LVT] C:\Program Files\Lenovo\LVT\LJYZ.exe 1
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: FacebookGamesNotifier.exe.lnk = Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: JME Keyboard Driver (JME Keyboard) - Unknown owner - C:\Windows\jmesoft\Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 9485 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe"
C:\Windows\jmesoft\Service.exe
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f7d641c3-5b5d-4525-89c8-41410c3c3d97 -SystemEventPortName:HostProcess-656734d3-b404-45e8-9ca5-61d84bbf68c3 -IoCancelEventPortName:HostProcess-58d5ec68-ea0a-41fc-8be8-eb81b5dca169 -NonStateChangingEventPortName:HostProcess-62475247-0989-41c0-9b4f-614c6d2d312e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d0d778b1-0ed8-45a7-9f10-325c0bddde0c -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskeng.exe {AA9A852E-4DB8-43F7-A2E5-6585BC8699FF}
taskhostex.exe
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Dolby Digital Plus\ddp.exe" -autostart
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\WINDOWS\notepad.exe" C:\_OTM\MovedFiles\11172016_104551.log
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\skydrive.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe"
"C:\Windows\jmesoft\hotkey.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Lenovo\LVT\LJYZ.exe" 1
"C:\Windows\jmesoft\JME_LOAD.exe"
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
CefSharp.BrowserSubprocess.exe --type=gpu-process --channel="3984.0.761089947\2087853026" --no-sandbox --lang=en-US --log-file="C:\Users\Lenka\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.0.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.0.0.0]" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,16,25,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x1606 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4501 --lang=en-US --log-file="C:\Users\Lenka\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.0.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.0.0.0]" /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x114
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Control_20160627/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,15,16,17,20,34,51,60 --gpu-vendor-id=0x8086 --gpu-device-id=0x1606 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4501 --gpu-driver-date=8-11-2016 --mojo-application-channel-token=8AAACA233CF97DB5FC253D88D9141C7C --mojo-platform-channel-handle=1160 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20160627/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=0570F3A994FA26802AF4081C0FC556E0 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=0570F3A994FA26802AF4081C0FC556E0 --channel="4240.1.1524860787\124413739" --mojo-platform-channel-handle=2620 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20160627/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=A05E94DFB4DB64D622CD86F578C69E71 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=A05E94DFB4DB64D622CD86F578C69E71 --channel="4240.3.877908615\678422191" --mojo-platform-channel-handle=3300 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20160627/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=4FFABCCF221B4D8895C12975074797E2 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=4FFABCCF221B4D8895C12975074797E2 --channel="4240.4.1204811966\588468014" --mojo-platform-channel-handle=3032 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20160627/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=34D57B4003FC2A37272D142956EF6EC0 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=34D57B4003FC2A37272D142956EF6EC0 --channel="4240.7.528094149\561976284" --mojo-platform-channel-handle=5320 /prefetch:1
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lenka\Downloads\RSITx64 (2).exe"
rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\System32\wsqmcons.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\1h08qw72.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-26 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-26 664848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-06-25 36352]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-08-14 13675736]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-01 1396592]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-01 1396592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-04-15 8698584]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-06-09 2917456]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"jmekey"=C:\windows\jmesoft\hotkey.exe [2013-07-24 118784]
"jmesoft"=C:\Windows\jmesoft\ServiceLoader.exe [2011-08-17 28672]
"LVT"=C:\Program Files\Lenovo\LVT\LJYZ.exe [2011-11-24 886112]
"CLMLServer"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [2009-12-05 103720]
"UpdateP2GoShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]
C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
FacebookGamesNotifier.exe.lnk - C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-17 10:45:51 ----D---- C:\_OTM
2016-11-15 20:06:32 ----D---- C:\AdwCleaner
2016-11-15 17:28:41 ----D---- C:\Program Files\trend micro
2016-11-15 17:28:40 ----D---- C:\rsit
2016-11-13 13:52:44 ----D---- C:\WINDOWS\Cache
2016-11-13 13:52:13 ----D---- C:\Program Files (x86)\3DO
2016-11-13 13:44:36 ----D---- C:\ProgramData\InstallShield
2016-11-09 23:05:28 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft
2016-11-09 07:25:13 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-09 07:25:11 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-09 07:25:09 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-09 07:25:08 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-09 07:25:07 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-09 07:25:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-09 07:25:05 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-09 07:25:05 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-11-09 07:25:04 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 07:25:03 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-09 07:25:02 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-09 07:25:02 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-09 07:25:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-09 07:24:59 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-09 07:24:59 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-09 07:24:58 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-09 07:24:58 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2016-11-09 07:24:57 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2016-11-09 07:24:56 ----A---- C:\WINDOWS\system32\SessEnv.dll
2016-11-09 07:24:56 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-09 07:24:55 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2016-11-09 07:24:55 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2016-11-09 07:24:52 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-09 07:24:52 ----A---- C:\WINDOWS\system32\pdh.dll
2016-11-09 07:24:52 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-09 07:24:51 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\SYSWOW64\pdh.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\localspl.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-09 07:24:46 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-11-09 07:24:46 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-09 07:24:45 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-09 07:24:45 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\SYSWOW64\iscsidsc.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\xolehlp.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\iscsidsc.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-09 07:24:42 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-09 07:24:42 ----A---- C:\WINDOWS\system32\input.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-11-09 07:24:38 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-09 07:24:37 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\certcli.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\jscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-11-09 07:24:32 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-06 20:31:22 ----D---- C:\Users\Lenka\AppData\Roaming\YoudaGames
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_5.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\SYSWOW64\d3dcsx_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2016-11-06 20:29:46 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_43.dll
2016-11-06 20:29:46 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_6.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_4.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_6.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_7.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2016-10-30 19:04:00 ----D---- C:\Program Files (x86)\Next Stop 2
2016-10-30 17:26:25 ----D---- C:\Users\Lenka\AppData\Roaming\Laruaville5
2016-10-30 17:25:23 ----D---- C:\Program Files (x86)\Laruaville 5
2016-10-26 20:16:25 ----D---- C:\Users\Lenka\AppData\Roaming\ToyDefenseFantasy
2016-10-23 13:16:21 ----D---- C:\Program Files (x86)\Weather Lord - Royal Holidays Collectors Edition
2016-10-23 13:09:37 ----D---- C:\ProgramData\Big Fish
2016-10-23 13:09:36 ----D---- C:\Program Files (x86)\bfgclient
2016-10-23 13:07:45 ----D---- C:\BigFishCache
2016-10-19 16:15:33 ----D---- C:\Users\Lenka\AppData\Roaming\Atlantic Quest 3-v-0-0-18
======List of files/folders modified in the last 1 month======
2016-11-17 10:58:02 ----D---- C:\WINDOWS\Temp
2016-11-17 10:57:03 ----D---- C:\WINDOWS\Prefetch
2016-11-17 10:56:47 ----RAD---- C:\WINDOWS\System32
2016-11-17 10:56:47 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-17 10:56:09 ----D---- C:\WINDOWS\Inf
2016-11-17 10:56:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-17 10:45:52 ----D---- C:\WINDOWS\Tasks
2016-11-17 10:02:00 ----D---- C:\WINDOWS\system32\sru
2016-11-17 09:47:36 ----HD---- C:\Program Files\WindowsApps
2016-11-17 09:47:36 ----D---- C:\WINDOWS\AppReadiness
2016-11-17 06:52:24 ----D---- C:\WINDOWS\system32\config
2016-11-17 06:49:19 ----D---- C:\WINDOWS\Microsoft.NET
2016-11-16 19:19:05 ----D---- C:\WINDOWS\system32\drivers
2016-11-15 20:27:16 ----D---- C:\WINDOWS\CbsTemp
2016-11-15 20:27:15 ----D---- C:\WINDOWS\WinSxS
2016-11-15 20:25:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-11-15 20:25:52 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-15 20:25:52 ----D---- C:\WINDOWS\SysWOW64
2016-11-15 20:25:52 ----D---- C:\WINDOWS\system32\en-US
2016-11-15 20:25:52 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnsvr.exe
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnhupnp.dll
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnhpast.dll
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnet.dll
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnathlp.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnet.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnathlp.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dpwsockx.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dpmodemx.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dplayx.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dplaysvr.exe
2016-11-15 20:25:34 ----SHD---- C:\System Volume Information
2016-11-15 17:28:41 ----RD---- C:\Program Files
2016-11-13 15:02:28 ----HD---- C:\ProgramData
2016-11-13 13:54:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-13 13:54:47 ----SHD---- C:\WINDOWS\Installer
2016-11-13 13:54:27 ----D---- C:\ProgramData\Adobe
2016-11-13 13:54:26 ----D---- C:\Program Files (x86)\Common Files
2016-11-13 13:54:25 ----D---- C:\Program Files (x86)\Adobe
2016-11-13 13:52:44 ----AD---- C:\Windows
2016-11-13 13:52:13 ----RD---- C:\Program Files (x86)
2016-11-13 13:49:41 ----D---- C:\Program Files (x86)\Ubisoft
2016-11-10 10:39:44 ----D---- C:\WINDOWS\rescache
2016-11-09 23:00:16 ----RD---- C:\WINDOWS\ToastData
2016-11-09 23:00:14 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-09 23:00:14 ----D---- C:\Program Files\Internet Explorer
2016-11-09 23:00:14 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-09 23:00:12 ----D---- C:\WINDOWS\system32\migration
2016-11-09 23:00:07 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-09 08:02:25 ----D---- C:\WINDOWS\system32\MRT
2016-11-09 07:58:39 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-09 07:08:27 ----D---- C:\WINDOWS\system32\catroot2
2016-11-08 16:00:26 ----D---- C:\WINDOWS\system32\Macromed
2016-11-08 16:00:23 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-11-08 15:31:37 ----D---- C:\WINDOWS\LiveKernelReports
2016-11-06 20:29:07 ----RSD---- C:\WINDOWS\assembly
2016-11-06 20:26:56 ----D---- C:\WINDOWS\Logs
2016-11-04 14:59:11 ----D---- C:\WINDOWS\debug
2016-11-04 06:42:24 ----D---- C:\WINDOWS\SoftwareDistribution
2016-10-30 20:28:25 ----AD---- C:\ProgramData\Temp
2016-10-28 22:04:26 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-22 12:57:07 ----D---- C:\Users\Lenka\AppData\Roaming\AlawarEntertainment
2016-10-18 19:25:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-10-18 18:20:19 ----D---- C:\WINDOWS\system32\NDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-09-26 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-14 293352]
R0 BTATH_BUS;@oem7.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-26 35016]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-06-25 670056]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-09-26 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-09-26 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-26 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-26 513632]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-09-26 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-09-26 163416]
R3 AthBTPort;@oem10.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2014-02-26 89800]
R3 athr;@oem69.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-11-13 3880448]
R3 BTATH_A2DP;@oem9.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2014-02-26 355528]
R3 btath_avdt;@oem9.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2014-02-26 118984]
R3 BTATH_HCRP;@oem12.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2014-02-26 179432]
R3 BTATH_LWFLT;@oem14.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2014-02-26 77464]
R3 BTATH_RCP;@oem16.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2014-02-26 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-02-26 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-08-18 7949800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-09-09 4205144]
R3 iwdbus;@oem5.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-07 39920]
R3 MEIx64;@oem66.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-10-10 129312]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem71.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2013-10-18 290520]
R3 RTL8168;@oem68.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 rtsuvc;@oem47.inf,%rtsuvc.DeviceDesc%;Lenovo USB2.0 UVC Camera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2014-05-02 9112792]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-09-26 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-07 51704]
S3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2015-06-05 212736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-02-26 319104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-26 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-06-25 16232]
R2 IdeaTouch.LocalDataServer.Education;IdeaTouch.LocalDataServer.Education; C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe [2012-05-17 7680]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-08-18 365032]
R2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-10-10 132896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-10-10 158496]
R2 JME Keyboard;JME Keyboard Driver; C:\Windows\jmesoft\Service.exe [2011-08-17 32768]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-10-10 409376]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-10-08 389896]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2016-09-04 350064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08 270016]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-08-18 292832]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2016-09-04 210288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-12-06 619776]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-12-02 272776]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-16 146888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-06-09 1518672]
-----------------EOF-----------------
Run by Lenka at 2016-11-17 10:58:52
Microsoft Windows 8.1
System drive C: has 387 GB (86%) free of 450 GB
Total RAM: 4007 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:58:55, on 17. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
C:\Windows\jmesoft\hotkey.exe
C:\Program Files\Lenovo\LVT\LJYZ.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Users\Lenka\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\trend micro\Lenka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [jmekey] C:\windows\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe
O4 - HKLM\..\Run: [LVT] C:\Program Files\Lenovo\LVT\LJYZ.exe 1
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: FacebookGamesNotifier.exe.lnk = Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: JME Keyboard Driver (JME Keyboard) - Unknown owner - C:\Windows\jmesoft\Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 9485 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe"
C:\Windows\jmesoft\Service.exe
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f7d641c3-5b5d-4525-89c8-41410c3c3d97 -SystemEventPortName:HostProcess-656734d3-b404-45e8-9ca5-61d84bbf68c3 -IoCancelEventPortName:HostProcess-58d5ec68-ea0a-41fc-8be8-eb81b5dca169 -NonStateChangingEventPortName:HostProcess-62475247-0989-41c0-9b4f-614c6d2d312e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d0d778b1-0ed8-45a7-9f10-325c0bddde0c -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskeng.exe {AA9A852E-4DB8-43F7-A2E5-6585BC8699FF}
taskhostex.exe
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Dolby Digital Plus\ddp.exe" -autostart
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\WINDOWS\notepad.exe" C:\_OTM\MovedFiles\11172016_104551.log
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\skydrive.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe"
"C:\Windows\jmesoft\hotkey.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Lenovo\LVT\LJYZ.exe" 1
"C:\Windows\jmesoft\JME_LOAD.exe"
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
CefSharp.BrowserSubprocess.exe --type=gpu-process --channel="3984.0.761089947\2087853026" --no-sandbox --lang=en-US --log-file="C:\Users\Lenka\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.0.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.0.0.0]" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,16,25,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x1606 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4501 --lang=en-US --log-file="C:\Users\Lenka\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.0.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.0.0.0]" /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x114
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Control_20160627/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,15,16,17,20,34,51,60 --gpu-vendor-id=0x8086 --gpu-device-id=0x1606 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4501 --gpu-driver-date=8-11-2016 --mojo-application-channel-token=8AAACA233CF97DB5FC253D88D9141C7C --mojo-platform-channel-handle=1160 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20160627/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=0570F3A994FA26802AF4081C0FC556E0 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=0570F3A994FA26802AF4081C0FC556E0 --channel="4240.1.1524860787\124413739" --mojo-platform-channel-handle=2620 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20160627/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=A05E94DFB4DB64D622CD86F578C69E71 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=A05E94DFB4DB64D622CD86F578C69E71 --channel="4240.3.877908615\678422191" --mojo-platform-channel-handle=3300 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20160627/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=4FFABCCF221B4D8895C12975074797E2 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=4FFABCCF221B4D8895C12975074797E2 --channel="4240.4.1204811966\588468014" --mojo-platform-channel-handle=3032 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20160627/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_31/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=34D57B4003FC2A37272D142956EF6EC0 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=34D57B4003FC2A37272D142956EF6EC0 --channel="4240.7.528094149\561976284" --mojo-platform-channel-handle=5320 /prefetch:1
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lenka\Downloads\RSITx64 (2).exe"
rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\System32\wsqmcons.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\1h08qw72.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-26 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-26 664848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-06-25 36352]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-08-14 13675736]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-01 1396592]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-01 1396592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-04-15 8698584]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-06-09 2917456]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"jmekey"=C:\windows\jmesoft\hotkey.exe [2013-07-24 118784]
"jmesoft"=C:\Windows\jmesoft\ServiceLoader.exe [2011-08-17 28672]
"LVT"=C:\Program Files\Lenovo\LVT\LJYZ.exe [2011-11-24 886112]
"CLMLServer"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [2009-12-05 103720]
"UpdateP2GoShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]
C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
FacebookGamesNotifier.exe.lnk - C:\Users\Lenka\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-17 10:45:51 ----D---- C:\_OTM
2016-11-15 20:06:32 ----D---- C:\AdwCleaner
2016-11-15 17:28:41 ----D---- C:\Program Files\trend micro
2016-11-15 17:28:40 ----D---- C:\rsit
2016-11-13 13:52:44 ----D---- C:\WINDOWS\Cache
2016-11-13 13:52:13 ----D---- C:\Program Files (x86)\3DO
2016-11-13 13:44:36 ----D---- C:\ProgramData\InstallShield
2016-11-09 23:05:28 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft
2016-11-09 07:25:13 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-09 07:25:11 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-09 07:25:09 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-09 07:25:08 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-09 07:25:07 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-09 07:25:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-09 07:25:05 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-09 07:25:05 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-11-09 07:25:04 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 07:25:03 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-09 07:25:02 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-09 07:25:02 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-09 07:25:01 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-09 07:25:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-09 07:24:59 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-09 07:24:59 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-09 07:24:58 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-09 07:24:58 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2016-11-09 07:24:57 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2016-11-09 07:24:56 ----A---- C:\WINDOWS\system32\SessEnv.dll
2016-11-09 07:24:56 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-09 07:24:55 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2016-11-09 07:24:55 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2016-11-09 07:24:54 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-09 07:24:53 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2016-11-09 07:24:52 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-09 07:24:52 ----A---- C:\WINDOWS\system32\pdh.dll
2016-11-09 07:24:52 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-09 07:24:51 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\SYSWOW64\pdh.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-09 07:24:50 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2016-11-09 07:24:49 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\localspl.dll
2016-11-09 07:24:48 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-11-09 07:24:47 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-09 07:24:46 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-11-09 07:24:46 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-09 07:24:45 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-09 07:24:45 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\SYSWOW64\iscsidsc.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\xolehlp.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\iscsidsc.dll
2016-11-09 07:24:44 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-09 07:24:42 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-09 07:24:42 ----A---- C:\WINDOWS\system32\input.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-11-09 07:24:39 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-11-09 07:24:38 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-09 07:24:37 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-09 07:24:36 ----A---- C:\WINDOWS\system32\certcli.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-09 07:24:34 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\jscript.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 07:24:33 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-11-09 07:24:32 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-06 20:31:22 ----D---- C:\Users\Lenka\AppData\Roaming\YoudaGames
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_5.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2016-11-06 20:29:49 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\SYSWOW64\d3dcsx_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2016-11-06 20:29:48 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2016-11-06 20:29:47 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2016-11-06 20:29:46 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_43.dll
2016-11-06 20:29:46 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_6.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_4.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_6.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_7.dll
2016-11-06 20:29:45 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2016-10-30 19:04:00 ----D---- C:\Program Files (x86)\Next Stop 2
2016-10-30 17:26:25 ----D---- C:\Users\Lenka\AppData\Roaming\Laruaville5
2016-10-30 17:25:23 ----D---- C:\Program Files (x86)\Laruaville 5
2016-10-26 20:16:25 ----D---- C:\Users\Lenka\AppData\Roaming\ToyDefenseFantasy
2016-10-23 13:16:21 ----D---- C:\Program Files (x86)\Weather Lord - Royal Holidays Collectors Edition
2016-10-23 13:09:37 ----D---- C:\ProgramData\Big Fish
2016-10-23 13:09:36 ----D---- C:\Program Files (x86)\bfgclient
2016-10-23 13:07:45 ----D---- C:\BigFishCache
2016-10-19 16:15:33 ----D---- C:\Users\Lenka\AppData\Roaming\Atlantic Quest 3-v-0-0-18
======List of files/folders modified in the last 1 month======
2016-11-17 10:58:02 ----D---- C:\WINDOWS\Temp
2016-11-17 10:57:03 ----D---- C:\WINDOWS\Prefetch
2016-11-17 10:56:47 ----RAD---- C:\WINDOWS\System32
2016-11-17 10:56:47 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-17 10:56:09 ----D---- C:\WINDOWS\Inf
2016-11-17 10:56:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-17 10:45:52 ----D---- C:\WINDOWS\Tasks
2016-11-17 10:02:00 ----D---- C:\WINDOWS\system32\sru
2016-11-17 09:47:36 ----HD---- C:\Program Files\WindowsApps
2016-11-17 09:47:36 ----D---- C:\WINDOWS\AppReadiness
2016-11-17 06:52:24 ----D---- C:\WINDOWS\system32\config
2016-11-17 06:49:19 ----D---- C:\WINDOWS\Microsoft.NET
2016-11-16 19:19:05 ----D---- C:\WINDOWS\system32\drivers
2016-11-15 20:27:16 ----D---- C:\WINDOWS\CbsTemp
2016-11-15 20:27:15 ----D---- C:\WINDOWS\WinSxS
2016-11-15 20:25:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-11-15 20:25:52 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-15 20:25:52 ----D---- C:\WINDOWS\SysWOW64
2016-11-15 20:25:52 ----D---- C:\WINDOWS\system32\en-US
2016-11-15 20:25:52 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnsvr.exe
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnhupnp.dll
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnhpast.dll
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnet.dll
2016-11-15 20:25:50 ----A---- C:\WINDOWS\SYSWOW64\dpnathlp.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnet.dll
2016-11-15 20:25:49 ----A---- C:\WINDOWS\system32\dpnathlp.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dpwsockx.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dpmodemx.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dplayx.dll
2016-11-15 20:25:43 ----A---- C:\WINDOWS\SYSWOW64\dplaysvr.exe
2016-11-15 20:25:34 ----SHD---- C:\System Volume Information
2016-11-15 17:28:41 ----RD---- C:\Program Files
2016-11-13 15:02:28 ----HD---- C:\ProgramData
2016-11-13 13:54:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-13 13:54:47 ----SHD---- C:\WINDOWS\Installer
2016-11-13 13:54:27 ----D---- C:\ProgramData\Adobe
2016-11-13 13:54:26 ----D---- C:\Program Files (x86)\Common Files
2016-11-13 13:54:25 ----D---- C:\Program Files (x86)\Adobe
2016-11-13 13:52:44 ----AD---- C:\Windows
2016-11-13 13:52:13 ----RD---- C:\Program Files (x86)
2016-11-13 13:49:41 ----D---- C:\Program Files (x86)\Ubisoft
2016-11-10 10:39:44 ----D---- C:\WINDOWS\rescache
2016-11-09 23:00:16 ----RD---- C:\WINDOWS\ToastData
2016-11-09 23:00:14 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-09 23:00:14 ----D---- C:\Program Files\Internet Explorer
2016-11-09 23:00:14 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-09 23:00:12 ----D---- C:\WINDOWS\system32\migration
2016-11-09 23:00:07 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-09 08:02:25 ----D---- C:\WINDOWS\system32\MRT
2016-11-09 07:58:39 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-09 07:08:27 ----D---- C:\WINDOWS\system32\catroot2
2016-11-08 16:00:26 ----D---- C:\WINDOWS\system32\Macromed
2016-11-08 16:00:23 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-11-08 15:31:37 ----D---- C:\WINDOWS\LiveKernelReports
2016-11-06 20:29:07 ----RSD---- C:\WINDOWS\assembly
2016-11-06 20:26:56 ----D---- C:\WINDOWS\Logs
2016-11-04 14:59:11 ----D---- C:\WINDOWS\debug
2016-11-04 06:42:24 ----D---- C:\WINDOWS\SoftwareDistribution
2016-10-30 20:28:25 ----AD---- C:\ProgramData\Temp
2016-10-28 22:04:26 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-22 12:57:07 ----D---- C:\Users\Lenka\AppData\Roaming\AlawarEntertainment
2016-10-18 19:25:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-10-18 18:20:19 ----D---- C:\WINDOWS\system32\NDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-09-26 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-14 293352]
R0 BTATH_BUS;@oem7.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-26 35016]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-06-25 670056]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-09-26 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-09-26 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-26 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-26 513632]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-09-26 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-09-26 163416]
R3 AthBTPort;@oem10.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2014-02-26 89800]
R3 athr;@oem69.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-11-13 3880448]
R3 BTATH_A2DP;@oem9.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2014-02-26 355528]
R3 btath_avdt;@oem9.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2014-02-26 118984]
R3 BTATH_HCRP;@oem12.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2014-02-26 179432]
R3 BTATH_LWFLT;@oem14.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2014-02-26 77464]
R3 BTATH_RCP;@oem16.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2014-02-26 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-02-26 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-08-18 7949800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-09-09 4205144]
R3 iwdbus;@oem5.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-07 39920]
R3 MEIx64;@oem66.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-10-10 129312]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem71.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2013-10-18 290520]
R3 RTL8168;@oem68.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 rtsuvc;@oem47.inf,%rtsuvc.DeviceDesc%;Lenovo USB2.0 UVC Camera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2014-05-02 9112792]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-09-26 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-07 51704]
S3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2015-06-05 212736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-02-26 319104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-26 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-06-25 16232]
R2 IdeaTouch.LocalDataServer.Education;IdeaTouch.LocalDataServer.Education; C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe [2012-05-17 7680]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-08-18 365032]
R2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-10-10 132896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-10-10 158496]
R2 JME Keyboard;JME Keyboard Driver; C:\Windows\jmesoft\Service.exe [2011-08-17 32768]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-10-10 409376]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-10-08 389896]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2016-09-04 350064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08 270016]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-08-18 292832]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2016-09-04 210288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-12-06 619776]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-12-02 272776]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-16 146888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-06-09 1518672]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nechtěné reklamy
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nechtěné reklamy
Bohužel, potíže přetrvávají...
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nechtěné reklamy
Spusťte ještě následující skeny:
1. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
a
2. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
1. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
a
2. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nechtěné reklamy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 8.1 x64
Ran by Lenka (Administrator) on źt 17. 11. 2016 at 12:30:32,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 5
Successfully deleted: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp (Folder)
Successfully deleted: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gdalhedleemkkdjddjgfjmcnbpejpapp_0.localstorage (File)
Successfully deleted: C:\Users\Lenka\AppData\Roaming\alawarentertainment (Folder)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERDOC_2016_SETUP.TMP-4AC1A315.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERDOC_2016_SETUP.TMP-EA6814C9.pf (File)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 17. 11. 2016 at 12:33:11,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 8.1 x64
Ran by Lenka (Administrator) on źt 17. 11. 2016 at 12:30:32,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 5
Successfully deleted: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp (Folder)
Successfully deleted: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gdalhedleemkkdjddjgfjmcnbpejpapp_0.localstorage (File)
Successfully deleted: C:\Users\Lenka\AppData\Roaming\alawarentertainment (Folder)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERDOC_2016_SETUP.TMP-4AC1A315.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERDOC_2016_SETUP.TMP-EA6814C9.pf (File)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 17. 11. 2016 at 12:33:11,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nechtěné reklamy
Junkware něco smazal. Ještě Zoek.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nechtěné reklamy
Ten Zoek mi nechce doběhnout, vždy se to sekne na Firefox extensions.
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nechtěné reklamy
Zkuste ho spustit v nouz. režimu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nechtěné reklamy
Nedoběhne ani v nouzovém režimu...
Přispějete na provoz fóra?