Zdravím, viete mi prosím pomoct? Strašne sa mi spomalil komp, mal som nod32, nenasiel nic, skusil som kaspersky no ked mi napisal kontrolu 24 hodin tak som to vzdal... presiel som to RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by uzivatel at 2017-01-30 18:18:12
Microsoft Windows 10 Home
System drive C: has 387 GB (89%) free of 434 GB
Total RAM: 4017 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:18:35, on 30.1.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\uzivatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Power2GoExpress8] NA
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-235 Series"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-235 Series"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000002] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE /EPT "EPLTarget\P0000000000000002" /M "XP-235 Series"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: ThinkPad OneLink Dock Management.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @oem98.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @oem98.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\WINDOWS\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 11741 bytes
======Listing Processes======
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-054dee91-8ea7-4a70-bd0f-0442f974934b -SystemEventPortName:HostProcess-d4b77ead-b362-4a7d-a0b7-097afc39dcd6 -IoCancelEventPortName:HostProcess-6ee383d9-8da5-4571-a4fa-e651d2dbc2f7 -NonStateChangingEventPortName:HostProcess-1e2eb184-1f78-43f8-a209-d9be8d6aa953 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9ec964ae-2e8d-4525-86ed-3e963669e96c -DeviceGroupId:
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f91c614e-8f1e-4408-aa75-f641858e65c6 -SystemEventPortName:HostProcess-874a7873-0d31-46bf-9c4f-eb8186f65fb2 -IoCancelEventPortName:HostProcess-5924f720-a252-4033-bebd-c4a7a9c0ec44 -NonStateChangingEventPortName:HostProcess-067c62c7-d7e5-4287-9653-66e5227c1bde -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8b59eec2-ab0c-4979-a67a-3b6408101282 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\EscSvc64.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
dashost.exe {a7b6080d-0f3a-430b-b3076c186783770d}
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
C:\WINDOWS\system32\valWbioSyncSvc.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\system32\valWBFPolicyService.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Synaptics\SynFp\Shared\SensorDBSynch.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe" 1 1 1 1
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Users\uzivatel\AppData\Local\Apps\2.0\612DB65P.8K0\ZBRDP28D.L98\lsb...tion_2d7b41b05b24775e_0001.0006_49d2acb6f7b8d10a\LSB.exe"
"C:\Program Files\Windows Defender\msascuil.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=55.0.2883.87 --handshake-handle=0x23c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7016 --on-initialized-event-handle=692 --parent-handle=696 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DisableFirstRunAutoImport<DisableFirstRunAutoImport,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/Control/DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Default/InstanceID/Enabled/MediaFoundationH264Encoding/Control/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledAckDecimation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Control/StrictSecureCookies/Enabled/SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_99/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=6,17,21,37,54,65 --gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4531 --gpu-driver-date=9-29-2016 --service-request-channel-token=CA7A35D48D576029F0E3D2E04EF5B1D0 --mojo-platform-channel-handle=1332 --ignored=" --type=renderer " /prefetch:2
service
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
"C:\Program Files\Windows Defender\MSASCui.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DisableFirstRunAutoImport<DisableFirstRunAutoImport,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Enabled9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/Control/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Control/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledAckDecimation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Control/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_99/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=D3E3FEF9D2897DB4C21840D0567BEA4D --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=D3E3FEF9D2897DB4C21840D0567BEA4D --mojo-platform-channel-handle=3932 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DisableFirstRunAutoImport<DisableFirstRunAutoImport,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Enabled9/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/Control/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Default/*InstanceID/Enabled/*MediaFoundationH264Encoding/Control/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledAckDecimation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Control/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_99/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=F294EFD3ED81B131818FF352FFE38A37 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=F294EFD3ED81B131818FF352FFE38A37 --mojo-platform-channel-handle=3388 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 640 644 652 8192 648
C:\WINDOWS\system32\AUDIODG.EXE 0x1dc
"C:\Users\uzivatel\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\EPSON XP-235 Series Update {D5523560-A916-4E88-8929-7F0F2F229438}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPFE.EXE /EXE:"{D5523560-A916-4E88-8929-7F0F2F229438}" /F:"Update"
C:\WINDOWS\tasks\EPSON XP-235 Series Update {E80CAAF1-8B69-4AA6-B0E6-5EE2ED9DE71A}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPFE.EXE /EXE:"{E80CAAF1-8B69-4AA6-B0E6-5EE2ED9DE71A}" /F:"Update"
C:\WINDOWS\tasks\EPSON XP-235 Series Update {F99C1C17-99DA-4103-9977-C0015CF8D7EA}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPFE.EXE /EXE:"{F99C1C17-99DA-4103-9977-C0015CF8D7EA}" /F:"Update"
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2015-06-02 9308416]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-31 36352]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2016-11-01 401896]
"PasswordManager"=C:\Program Files\Lenovo\Password Manager\password_manager.exe [2014-01-09 1622072]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-12-31 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-12-31 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-12-31 10973168]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-03 3944136]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2016-09-30 631808]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-01-10 1517280]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-12-21 9292504]
"Power2GoExpress8"=NA []
"EPLTarget\P0000000000000001"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE [2014-11-14 417776]
"EPLTarget\P0000000000000000"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE [2014-11-14 417776]
"EPLTarget\P0000000000000002"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE [2014-11-14 417776]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2016-01-20 1087184]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ThinkPad OneLink Dock Management.lnk - C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-01-30 18:18:12 ----D---- C:\rsit
2017-01-30 18:18:12 ----D---- C:\Program Files\trend micro
2017-01-30 08:14:53 ----A---- C:\WINDOWS\system32\drivers\klupd_klif_klark.sys
2017-01-30 08:11:19 ----A---- C:\WINDOWS\system32\drivers\klupd_klif_klbg.sys
2017-01-30 08:11:15 ----A---- C:\WINDOWS\system32\drivers\klupd_klif_arkmon.sys
2017-01-30 08:11:14 ----A---- C:\WINDOWS\system32\drivers\klupd_klif_mark.sys
2017-01-30 08:11:12 ----A---- C:\WINDOWS\system32\drivers\klupd_klif_kimul.sys
2017-01-30 08:09:36 ----D---- C:\ProgramData\Kaspersky Lab
2017-01-30 08:09:16 ----A---- C:\ProgramData\ntuser.dat
2017-01-30 08:09:12 ----N---- C:\WINDOWS\system32\drivers\klif.sys
2017-01-30 08:09:12 ----N---- C:\WINDOWS\system32\drivers\klhk.sys
2017-01-30 08:09:12 ----N---- C:\WINDOWS\system32\drivers\klflt.sys
2017-01-26 20:27:34 ----D---- C:\ProgramData\UDL
2017-01-25 14:46:19 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2017-01-25 14:46:19 ----A---- C:\WINDOWS\system32\poqexec.exe
2017-01-11 09:27:42 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 09:27:40 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 09:27:37 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 09:27:36 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 09:27:36 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-01-11 09:27:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-01-11 09:27:35 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-01-11 09:27:35 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-01-11 09:27:34 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-01-11 09:27:34 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 09:27:34 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-01-11 09:27:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 09:27:33 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 09:27:31 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 09:27:31 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-01-11 09:27:30 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-01-11 09:27:30 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 09:27:29 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 09:27:28 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-01-11 09:27:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2017-01-11 09:27:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 09:27:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2017-01-11 09:27:27 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-01-11 09:27:27 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 09:27:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2017-01-11 09:27:26 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2017-01-11 09:27:26 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-01-11 09:27:26 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-01-11 09:27:26 ----A---- C:\WINDOWS\system32\samsrv.dll
2017-01-11 09:27:26 ----A---- C:\WINDOWS\system32\D3D12.dll
2017-01-11 09:27:25 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-01-11 09:27:25 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-01-11 09:27:25 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-01-11 09:27:24 ----A---- C:\WINDOWS\system32\offlinesam.dll
2017-01-11 09:27:23 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2017-01-11 09:27:22 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2017-01-11 09:27:22 ----A---- C:\WINDOWS\system32\shell32.dll
2017-01-11 09:27:21 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-01-11 09:27:19 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-01-11 09:27:18 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-01-11 09:27:18 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-01-11 09:27:18 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-01-11 09:27:17 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-01-11 09:27:17 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 09:27:16 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-01-11 09:27:16 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2017-01-11 09:27:16 ----A---- C:\WINDOWS\system32\wow64.dll
2017-01-11 09:27:16 ----A---- C:\WINDOWS\system32\WinSCard.dll
2017-01-11 09:27:16 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 09:27:15 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2017-01-11 09:27:15 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2017-01-11 09:27:15 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 09:27:15 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-01-11 09:27:15 ----A---- C:\WINDOWS\system32\certprop.dll
2017-01-11 09:27:13 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2017-01-11 09:27:13 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-01-11 09:27:13 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2017-01-11 09:27:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 09:27:12 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-01-11 09:27:09 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-01-11 09:27:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-01-11 09:27:06 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-01-11 09:27:06 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 09:27:02 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-01-11 09:27:02 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-01-11 09:26:55 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 09:26:50 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-01-11 09:26:49 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-01-11 09:26:49 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-01-11 09:26:48 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-01-11 09:26:48 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 09:26:47 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-01-11 09:26:46 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-01-11 09:26:46 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 09:26:46 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 09:26:45 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-01-11 09:26:44 ----A---- C:\WINDOWS\system32\winmde.dll
2017-01-11 09:26:44 ----A---- C:\WINDOWS\system32\twinui.dll
2017-01-11 09:26:43 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 09:26:43 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 09:26:42 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-01-11 09:26:38 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-01-11 09:26:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 09:26:34 ----A---- C:\WINDOWS\system32\usocore.dll
2017-01-11 09:26:33 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 09:26:33 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 09:26:33 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 09:26:32 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 09:26:31 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-01-11 09:26:31 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2017-01-11 09:26:31 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 09:26:30 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2017-01-11 09:26:29 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-01-11 09:26:29 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2017-01-11 09:26:29 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-01-11 09:26:29 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 09:26:28 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-01-11 09:26:27 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-01-11 09:26:27 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2017-01-11 09:26:27 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 09:26:27 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-01-11 09:26:27 ----A---- C:\WINDOWS\system32\win32k.sys
2017-01-11 09:26:27 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 09:26:26 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-01-11 09:26:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-01-11 09:26:25 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-01-11 09:26:25 ----A---- C:\WINDOWS\system32\SRH.dll
2017-01-11 09:26:24 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 09:26:24 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 09:26:23 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-01-11 09:26:23 ----A---- C:\WINDOWS\system32\aclui.dll
2017-01-11 09:26:22 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 09:26:22 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-01-11 09:26:22 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-01-11 09:26:22 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-01-11 09:26:22 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-01-11 09:26:22 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 09:26:22 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-01-11 09:26:22 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 09:26:21 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 09:26:21 ----A---- C:\WINDOWS\system32\ClipUp.exe
2017-01-11 09:26:20 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 09:26:20 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 09:26:20 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 09:26:19 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-01-11 09:26:19 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 09:26:18 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-01-11 09:26:18 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 09:26:17 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-01-11 09:26:17 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 09:26:17 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 09:26:17 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-01-11 09:26:16 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-01-11 09:26:16 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-01-11 09:26:16 ----A---- C:\WINDOWS\system32\cloudAP.dll
2017-01-11 09:26:15 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-01-11 09:26:15 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-01-11 09:26:15 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 09:26:15 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 09:26:15 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 09:26:15 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 09:26:15 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 09:26:14 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-01-11 09:26:14 ----A---- C:\WINDOWS\system32\fhcfg.dll
2017-01-11 09:26:14 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2017-01-11 09:26:13 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 09:26:03 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 09:25:59 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 09:25:51 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-01-11 09:25:47 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-01-11 09:25:47 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-01-11 09:25:47 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-01-11 09:25:47 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-01-11 09:25:46 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-01-11 09:25:44 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 09:25:44 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 09:25:42 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-01-11 09:25:42 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 09:25:40 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-01-11 09:25:40 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-01-11 09:25:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 09:25:39 ----A---- C:\WINDOWS\system32\provengine.dll
2017-01-11 09:25:37 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 09:25:37 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 09:25:37 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 09:25:35 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2017-01-07 20:39:50 ----D---- C:\Program Files (x86)\CD Audio MP3 Converter
2017-01-07 20:39:50 ----A---- C:\WINDOWS\WM8EUTIL.exe
2017-01-07 20:07:38 ----D---- C:\tmp
2017-01-07 20:07:38 ----D---- C:\output
======List of files/folders modified in the last 1 month======
2017-01-30 18:18:16 ----D---- C:\WINDOWS\Prefetch
2017-01-30 18:18:12 ----RD---- C:\Program Files
2017-01-30 18:10:07 ----D---- C:\WINDOWS\Temp
2017-01-30 18:09:52 ----D---- C:\Windows
2017-01-30 18:01:59 ----D---- C:\WINDOWS\System32
2017-01-30 18:01:59 ----D---- C:\WINDOWS\INF
2017-01-30 17:59:58 ----SHD---- C:\WINDOWS\Installer
2017-01-30 17:59:55 ----SHD---- C:\Config.Msi
2017-01-30 17:59:53 ----RD---- C:\Program Files (x86)
2017-01-30 17:59:51 ----D---- C:\WINDOWS\system32\DriverStore
2017-01-30 17:59:51 ----D---- C:\WINDOWS\system32\drivers
2017-01-30 17:59:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-30 17:58:37 ----HD---- C:\WINDOWS\ELAMBKUP
2017-01-30 17:57:50 ----D---- C:\WINDOWS\system32\Tasks
2017-01-30 17:57:50 ----D---- C:\Program Files\Common Files\AV
2017-01-30 17:57:46 ----SHD---- C:\System Volume Information
2017-01-30 17:57:26 ----D---- C:\WINDOWS\system32\catroot2
2017-01-30 17:53:53 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-30 17:53:40 ----D---- C:\ProgramData\Synaptics
2017-01-30 17:53:39 ----D---- C:\WINDOWS\system32\SleepStudy
2017-01-30 17:45:41 ----D---- C:\WINDOWS\system32\sru
2017-01-30 14:39:15 ----D---- C:\WINDOWS\SoftwareDistribution
2017-01-30 12:46:22 ----D---- C:\WINDOWS\AppReadiness
2017-01-30 12:46:17 ----HD---- C:\Program Files\WindowsApps
2017-01-30 08:14:45 ----D---- C:\WINDOWS\system32\CatRoot
2017-01-30 08:10:51 ----HD---- C:\ProgramData
2017-01-29 23:22:44 ----D---- C:\WINDOWS\debug
2017-01-29 06:53:57 ----D---- C:\WINDOWS\system32\config
2017-01-29 06:52:28 ----RD---- C:\WINDOWS\Microsoft.NET
2017-01-26 20:39:14 ----D---- C:\Users\uzivatel\AppData\Roaming\Epson
2017-01-26 20:27:48 ----AD---- C:\Program Files (x86)\EPSON Software
2017-01-26 20:27:34 ----D---- C:\ProgramData\Epson
2017-01-26 20:27:28 ----D---- C:\ProgramData\Sony Corporation
2017-01-26 20:27:00 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-01-26 20:13:10 ----D---- C:\WINDOWS\Tasks
2017-01-25 15:28:44 ----D---- C:\WINDOWS\CbsTemp
2017-01-25 15:28:41 ----D---- C:\WINDOWS\SysWOW64
2017-01-25 15:28:16 ----D---- C:\WINDOWS\WinSxS
2017-01-14 05:57:54 ----D---- C:\WINDOWS\rescache
2017-01-14 05:53:01 ----RSD---- C:\WINDOWS\assembly
2017-01-12 02:15:45 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-01-12 02:15:45 ----D---- C:\WINDOWS\system32\wbem
2017-01-12 02:15:45 ----D---- C:\WINDOWS\system32\oobe
2017-01-12 02:15:43 ----D---- C:\WINDOWS\ShellExperiences
2017-01-12 02:15:42 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-01-12 02:15:42 ----D---- C:\WINDOWS\Provisioning
2017-01-12 02:15:41 ----D---- C:\Program Files\Internet Explorer
2017-01-12 02:15:41 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-11 09:44:09 ----D---- C:\WINDOWS\system32\MRT
2017-01-11 09:40:35 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-01-07 20:06:10 ----D---- C:\ProgramData\Microsoft Help
2017-01-07 20:06:01 ----RSD---- C:\WINDOWS\Fonts
2017-01-01 20:30:35 ----D---- C:\ProgramData\CyberLink
2017-01-01 20:16:42 ----D---- C:\Users\uzivatel\AppData\Roaming\CyberLink
2016-12-31 11:10:39 ----D---- C:\WINDOWS\Registration
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BTATH_BUS;@oem96.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2015-08-30 36496]
R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2014-08-19 186248]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-31 644968]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 LubSec;LubSec; C:\WINDOWS\System32\Drivers\LubSec.sys [2014-02-22 45304]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 SMIDriver;@oem98.inf,%SMIDevice.SVCDESC%;Synaptics SMI Driver; C:\WINDOWS\system32\DRIVERS\smi.sys [2016-07-13 39488]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 LubFsFlt;LubFsFlt; \??\C:\windows\System32\Drivers\LubFsFlt.sys [2014-02-22 27384]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 ACPIVPC;@oem56.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-12-31 35576]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2016-07-16 4233728]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-30 84992]
R3 HPMoA407;@oem69.inf,%HPMoA407.SvcDesc%;Mouse Suite Driver_A407 (WDF Version); C:\WINDOWS\System32\drivers\HPMoA407.sys [2011-11-01 25088]
R3 HPubA407;@oem69.inf,%HPubA407.SvcDesc%;USB Mouse Low Filter Driver_A407 (WDF Version); C:\WINDOWS\System32\Drivers\HPubA407.sys [2012-06-14 18944]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-11-01 7966192]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-24 4504320]
R3 iwdbus;@oem91.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 MEIx64;@oem77.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-12-03 100824]
R3 rt640x64;@oem46.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-22 886528]
R3 rtsuvc;@oem68.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-06-02 3057920]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-06-03 42696]
R3 SynTP;@oem33.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-06-03 613576]
R4 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit); C:\WINDOWS\system32\DRIVERS\cm_km.sys []
R4 kl1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys []
R4 klbackupdisk;Kaspersky Lab klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys []
R4 klbackupflt;Kaspersky Lab klbackupflt; C:\WINDOWS\system32\DRIVERS\klbackupflt.sys [2016-06-15 86352]
R4 kldisk;kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [2016-05-31 78216]
R4 klflt;Kaspersky Lab Kernel DLL; C:\WINDOWS\system32\DRIVERS\klflt.sys [2016-06-26 191312]
R4 klhk;@oem173.inf,%klhkDisplayName%;Kaspersky Lab service driver; C:\WINDOWS\System32\drivers\klhk.sys [2017-01-30 435032]
R4 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2017-01-30 1019616]
R4 klkbdflt;Kaspersky Lab KLKBDFLT; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [2016-05-19 52136]
R4 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2015-06-07 41656]
R4 klpd;Kaspersky Lab format recognizer driver; C:\WINDOWS\system32\DRIVERS\klpd.sys [2016-05-31 45488]
R4 kneps;kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [2016-06-14 194480]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-09-30 114176]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2016-09-30 249856]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-09-30 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 IntcDAud;@oem26.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
S3 RSP2STOR;@oem8.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2013-09-24 290520]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-19 82640]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_3fc23;CDPUserSvc_3fc23; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 EpsonScanSvc;Epson Scanner Service; C:\WINDOWS\system32\EscSvc64.exe [2012-05-17 144560]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-31 15720]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-01 373744]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-03 169432]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-12-31 198192]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-03 390616]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-11-27 1872808]
R2 OneSyncSvc_3fc23;Sync Host_3fc23; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-12-31 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-06 107848]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-11-01 301552]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-06 107848]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2016-06-02 273232]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_3fc23;MessagingService_3fc23; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-12-31 305136]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc_3fc23;Contact Data_3fc23; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-30 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zavireny PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavireny PC
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavireny PC
Zdravim tak tu je:
# AdwCleaner v6.043 - Logfile created 30/01/2017 at 20:13:13
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-01-30.2 [Server]
# Operating System : Windows 10 Home (X64)
# Username : uzivatel - LENOVO
# Running from : C:\Users\uzivatel\Desktop\adwcleaner_6.043.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder deleted: C:\ProgramData\Pokki
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Pokki
[-] Folder deleted: C:\Program Files (x86)\Amazon\Amazon1ButtonApp
[-] Folder deleted: C:\Users\Public\Pokki
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Key deleted: HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\Software\Pokki
[#] Key deleted on reboot: HKCU\Software\Pokki
[#] Key deleted on reboot: [x64] HKCU\Software\Pokki
[-] Data restored: HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data restored: HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Value deleted: HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [2172 Bytes] - [30/01/2017 20:13:13]
C:\AdwCleaner\AdwCleaner[S0].txt - [2555 Bytes] - [30/01/2017 20:12:43]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2318 Bytes] ##########
# AdwCleaner v6.043 - Logfile created 30/01/2017 at 20:13:13
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-01-30.2 [Server]
# Operating System : Windows 10 Home (X64)
# Username : uzivatel - LENOVO
# Running from : C:\Users\uzivatel\Desktop\adwcleaner_6.043.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder deleted: C:\ProgramData\Pokki
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Pokki
[-] Folder deleted: C:\Program Files (x86)\Amazon\Amazon1ButtonApp
[-] Folder deleted: C:\Users\Public\Pokki
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Key deleted: HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\Software\Pokki
[#] Key deleted on reboot: HKCU\Software\Pokki
[#] Key deleted on reboot: [x64] HKCU\Software\Pokki
[-] Data restored: HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data restored: HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Value deleted: HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [2172 Bytes] - [30/01/2017 20:13:13]
C:\AdwCleaner\AdwCleaner[S0].txt - [2555 Bytes] - [30/01/2017 20:12:43]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2318 Bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavireny PC
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavireny PC
Máme, pfu, ale som z toho jeleň
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
Ran by uzivatel (administrator) on LENOVO (30-01-2017 20:35:47)
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available Profiles: uzivatel)
Platform: Windows 10 Home Version 1607 (X64) Language: Angličtina (USA)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVK\AVKWCtlx64.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVK\AVKService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVKTray\AVKTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Lenovo) C:\Users\uzivatel\AppData\Local\Apps\2.0\612DB65P.8K0\ZBRDP28D.L98\lsb...tion_2d7b41b05b24775e_0001.0006_49d2acb6f7b8d10a\LSB.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9308416 2015-06-02] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [401896 2016-11-01] ()
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1622072 2014-01-09] (Lenovo Group Limited)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-12-31] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-12-31] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10973168 2014-12-31] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\...\MountPoints2: {8ab93b9a-b868-11e6-82a1-f0761c5d5e2e} - "F:\autorun.exe"
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\...\MountPoints2: {e6049133-ac90-11e6-829d-d0534904bec6} - "F:\Startme.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ThinkPad OneLink Dock Management.lnk [2014-12-31]
ShortcutTarget: ThinkPad OneLink Dock Management.lnk -> C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{16ec27b6-1a89-4a2d-97e8-033818d44bf2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{47ce5506-902d-4a38-a85f-6fa020a14991}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7d51fac9-bccc-43f5-9cb0-8ccf14b83935}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKU\S-1-5-21-2338535209-2821197505-3871013768-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2338535209-2821197505-3871013768-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2338535209-2821197505-3871013768-1001 -> {C3DFCBA4-9925-4BD1-9931-0B2500D38101} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.facebook.com/?ref=tn_tnmn
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default [2017-01-30]
CHR Extension: (Prezentácie Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-06]
CHR Extension: (Dokumenty Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-06]
CHR Extension: (Disk Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Tabuľky Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-06]
CHR Extension: (Lenovo Password Manager) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\geempcnjhccnoepfmahaeemnnfnignab [2015-03-06]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Gmail) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19]
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-30]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [geempcnjhccnoepfmahaeemnnfnignab] - C:\Program Files (x86)\Lenovo\Password Manager\chrome_npapi_extension.crx [2014-01-09]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [4950632 2016-10-06] (G DATA Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\AntiVirus\AVK\AVKService.exe [984904 2016-09-15] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\AntiVirus\AVK\AVKWCtlx64.exe [3044496 2016-09-27] (G Data Software AG)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [822600 2016-09-27] (G DATA Software AG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-12-31] (Lenovo(beijing) Limited)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [37624 2014-04-21] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-11-27] (Maxthon)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-12-31] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-12-31] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-09-28] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [186248 2014-08-19] (ESET)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [180808 2017-01-30] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [37400 2017-01-30] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [30280 2017-01-30] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [274400 2017-01-30] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [105544 2017-01-30] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [77384 2017-01-30] (G DATA Software AG)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [116296 2017-01-30] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [153160 2017-01-30] (G Data Software AG)
R3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-11-01] (Hewlett-Packard.)
R3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.)
R2 LubFsFlt; C:\windows\System32\Drivers\LubFsFlt.sys [27384 2014-02-22] (Lenovo(beijing) Limited)
R0 LubSec; C:\WINDOWS\System32\Drivers\LubSec.sys [45304 2014-02-22] (Lenovo(beijing) Limited)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290520 2013-09-24] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3057920 2015-06-02] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-31 04:07 - 2017-01-31 04:15 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-01-30 20:35 - 2017-01-30 20:36 - 00020158 _____ C:\Users\uzivatel\Desktop\FRST.txt
2017-01-30 20:35 - 2017-01-30 20:35 - 00000000 ____D C:\FRST
2017-01-30 20:32 - 2017-01-30 20:32 - 02420736 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2017-01-30 20:18 - 2017-01-30 20:18 - 00116296 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2017-01-30 20:18 - 2017-01-30 20:18 - 00028208 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2017-01-30 20:10 - 2017-01-30 20:13 - 00000000 ____D C:\AdwCleaner
2017-01-30 19:38 - 2017-01-30 19:38 - 00105544 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2017-01-30 19:36 - 2017-01-30 19:36 - 00002093 _____ C:\Users\Public\Desktop\G DATA ANTIVIRUS.lnk
2017-01-30 19:36 - 2017-01-30 19:36 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBB64_01007.Wdf
2017-01-30 19:36 - 2017-01-30 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA ANTIVIRUS
2017-01-30 19:35 - 2017-01-30 19:38 - 00153160 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2017-01-30 19:35 - 2017-01-30 19:35 - 00274400 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2017-01-30 19:35 - 2017-01-30 19:35 - 00180808 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2017-01-30 19:35 - 2017-01-30 19:35 - 00077384 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2017-01-30 19:35 - 2017-01-30 19:35 - 00037400 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2017-01-30 19:35 - 2017-01-30 19:35 - 00030280 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2017-01-30 19:35 - 2017-01-30 19:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
2017-01-30 19:31 - 2017-01-30 19:31 - 00000000 ____D C:\Program Files (x86)\G DATA
2017-01-30 19:24 - 2017-01-30 20:10 - 04015056 _____ C:\Users\uzivatel\Desktop\adwcleaner_6.043.exe
2017-01-30 19:22 - 2017-01-30 20:13 - 00000000 ____D C:\ProgramData\G Data
2017-01-30 19:16 - 2017-01-30 20:03 - 00444752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-30 18:56 - 2017-01-30 19:22 - 241544608 _____ (G DATA Software AG) C:\Users\uzivatel\Downloads\GDATA_ANTIVIRUS_BASE_WEU_25.3.0.1.exe
2017-01-30 18:18 - 2017-01-30 18:18 - 00000000 ____D C:\rsit
2017-01-30 18:18 - 2017-01-30 18:18 - 00000000 ____D C:\Program Files\trend micro
2017-01-30 18:17 - 2017-01-30 18:18 - 01222144 _____ C:\Users\uzivatel\Downloads\RSITx64.exe
2017-01-30 11:01 - 2017-01-30 18:01 - 00000000 ____D C:\Users\uzivatel\Desktop\Kasper
2017-01-26 20:27 - 2017-01-26 20:27 - 00000000 ____D C:\ProgramData\UDL
2017-01-26 20:13 - 2017-01-30 08:02 - 00000933 _____ C:\WINDOWS\Tasks\EPSON XP-235 Series Update {E80CAAF1-8B69-4AA6-B0E6-5EE2ED9DE71A}.job
2017-01-26 20:13 - 2017-01-26 20:13 - 00004130 _____ C:\WINDOWS\System32\Tasks\EPSON XP-235 Series Update {E80CAAF1-8B69-4AA6-B0E6-5EE2ED9DE71A}
2017-01-26 19:31 - 2017-01-30 08:02 - 00000933 _____ C:\WINDOWS\Tasks\EPSON XP-235 Series Update {F99C1C17-99DA-4103-9977-C0015CF8D7EA}.job
2017-01-26 19:31 - 2017-01-26 19:31 - 00004130 _____ C:\WINDOWS\System32\Tasks\EPSON XP-235 Series Update {F99C1C17-99DA-4103-9977-C0015CF8D7EA}
2017-01-25 14:46 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 14:46 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-11 09:27 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 09:27 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 09:27 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 09:27 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 09:27 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 09:27 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 09:27 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 09:27 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 09:27 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 09:27 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 09:27 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 09:27 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 09:27 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 09:27 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 09:27 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 09:27 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 09:27 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 09:27 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 09:27 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 09:27 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 09:27 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 09:27 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 09:27 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 09:27 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 09:27 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 09:27 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 09:27 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 09:27 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 09:27 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 09:27 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 09:27 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 09:27 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 09:27 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 09:27 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 09:27 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 09:27 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 09:27 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 09:27 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 09:27 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 09:27 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 09:27 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 09:27 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 09:27 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 09:27 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 09:27 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 09:27 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 09:27 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 09:27 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 09:27 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 09:27 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 09:27 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 09:27 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 09:27 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 09:27 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 09:27 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 09:27 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 09:27 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 09:27 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 09:27 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 09:27 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 09:27 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 09:27 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 09:27 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 09:27 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 09:27 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 09:26 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 09:26 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 09:26 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 09:26 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 09:26 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 09:26 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 09:26 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 09:26 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 09:26 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 09:26 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 09:26 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 09:26 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 09:26 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 09:26 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 09:26 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 09:26 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 09:26 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 09:26 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 09:26 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 09:26 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 09:26 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 09:26 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 09:26 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 09:26 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 09:26 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 09:26 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 09:26 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 09:26 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 09:26 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 09:26 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 09:26 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 09:26 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 09:26 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 09:26 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 09:26 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 09:26 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 09:26 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 09:26 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 09:26 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 09:26 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 09:26 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 09:26 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 09:26 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 09:26 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 09:26 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 09:26 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 09:26 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 09:26 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 09:26 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 09:26 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 09:26 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 09:26 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 09:26 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 09:26 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 09:26 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 09:26 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 09:26 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 09:26 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 09:26 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 09:26 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 09:26 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 09:26 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 09:26 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 09:26 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 09:26 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 09:26 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 09:26 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 09:26 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 09:26 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 09:26 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 09:26 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 09:26 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 09:26 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 09:26 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 09:26 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 09:26 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 09:26 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 09:26 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 09:26 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 09:26 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 09:26 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 09:26 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 09:25 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 09:25 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 09:25 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 09:25 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 09:25 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 09:25 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 09:25 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 09:25 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 09:25 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 09:25 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 09:25 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 09:25 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 09:25 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 09:25 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 09:25 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 09:25 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 09:25 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 09:25 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 09:25 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-07 20:39 - 2017-01-13 00:22 - 00000000 ____D C:\Program Files (x86)\CD Audio MP3 Converter
2017-01-07 20:39 - 2001-03-23 16:29 - 00880912 _____ (Microsoft Corporation) C:\WINDOWS\WM8EUTIL.exe
2017-01-07 20:07 - 2017-01-07 20:20 - 00000000 ____D C:\output
2017-01-07 20:07 - 2017-01-07 20:07 - 00000000 ____D C:\tmp
2017-01-05 21:21 - 2017-01-05 21:22 - 00000000 ___RD C:\Users\uzivatel\Desktop\UTL
2017-01-05 21:19 - 2017-01-05 21:21 - 00000000 ___RD C:\Users\uzivatel\Desktop\INTER
2017-01-05 21:18 - 2017-01-05 21:19 - 00000000 ___RD C:\Users\uzivatel\Desktop\MEDIA
2017-01-05 20:57 - 2017-01-05 20:59 - 00000000 ___RD C:\Users\uzivatel\Desktop\LENOVO
2017-01-02 13:38 - 2017-01-02 13:38 - 00033235 _____ C:\Users\uzivatel\Downloads\korcule.pdf
2017-01-01 21:21 - 2017-01-01 21:21 - 00004700 _____ C:\Users\uzivatel\Documents\Do auticka..._1.p2g
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-30 20:21 - 2015-08-27 02:25 - 01264226 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-30 20:15 - 2016-09-30 03:35 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-30 20:15 - 2015-08-27 02:35 - 00000000 __SHD C:\Users\uzivatel\IntelGraphicsProfiles
2017-01-30 20:14 - 2016-09-30 04:03 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-30 20:14 - 2016-09-30 03:35 - 00000000 ____D C:\ProgramData\Synaptics
2017-01-30 20:13 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-30 20:13 - 2014-12-31 12:58 - 00000000 ____D C:\Program Files (x86)\Amazon
2017-01-30 20:00 - 2016-09-30 03:29 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-30 19:35 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-01-30 19:06 - 2016-09-30 03:39 - 00000000 ____D C:\Users\uzivatel
2017-01-30 18:01 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-30 17:58 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-01-30 17:57 - 2016-10-17 20:11 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-30 12:46 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-30 12:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-30 12:46 - 2015-03-06 09:54 - 00000000 ____D C:\Users\uzivatel\AppData\Local\Packages
2017-01-30 08:09 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated
2017-01-26 20:40 - 2016-12-12 23:38 - 00000000 ___RD C:\Users\uzivatel\Desktop\Nový priečinok
2017-01-26 20:39 - 2016-12-04 18:09 - 00000000 ____D C:\Users\uzivatel\AppData\Roaming\Epson
2017-01-26 20:28 - 2016-12-04 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2017-01-26 20:27 - 2016-12-04 17:55 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2017-01-26 20:27 - 2016-12-04 17:48 - 00000000 ____D C:\ProgramData\Epson
2017-01-26 20:27 - 2015-05-28 22:00 - 00000000 ____D C:\ProgramData\Sony Corporation
2017-01-26 20:27 - 2014-12-31 12:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-26 19:38 - 2016-12-04 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-01-25 15:28 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-23 23:34 - 2015-12-17 00:53 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-21 12:00 - 2015-12-04 01:10 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-14 05:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-12 03:51 - 2015-03-06 09:50 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-12 02:15 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-12 02:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-12 02:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-12 02:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-12 02:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-12 00:29 - 2016-09-30 04:03 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-11 09:44 - 2015-03-06 11:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 09:40 - 2015-03-06 11:13 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-10 20:14 - 2016-12-06 19:29 - 00003278 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-10 20:14 - 2015-08-27 02:39 - 00002428 _____ C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-10 20:14 - 2015-08-27 02:39 - 00000000 ___RD C:\Users\uzivatel\OneDrive
2017-01-07 20:30 - 2016-12-15 21:22 - 00000000 ____D C:\Users\uzivatel\AppData\Local\Deployment
2017-01-07 20:11 - 2015-03-06 09:53 - 00000000 ____D C:\Users\uzivatel\AppData\Local\VirtualStore
2017-01-06 12:27 - 2015-05-28 21:56 - 00000000 ___RD C:\Users\uzivatel\Desktop\Fotečky
2017-01-01 20:30 - 2014-12-31 12:56 - 00000000 ____D C:\ProgramData\CyberLink
2017-01-01 20:16 - 2015-03-08 09:44 - 00000000 ____D C:\Users\uzivatel\AppData\Roaming\CyberLink
2016-12-31 11:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Registration
==================== Files in the root of some directories =======
2015-03-06 09:58 - 2015-03-24 08:36 - 0008362 _____ () C:\Users\uzivatel\AppData\Roaming\AbsoluteReminder.xml
2017-01-30 19:35 - 2017-01-30 19:35 - 0000779 _____ () C:\Users\uzivatel\AppData\Roaming\gdscan.log
2015-03-13 13:23 - 2015-03-13 13:23 - 0076976 _____ () C:\Users\uzivatel\AppData\Roaming\LoJackSetup.exe
2016-12-15 21:42 - 2016-12-15 21:42 - 0007597 _____ () C:\Users\uzivatel\AppData\Local\Resmon.ResmonCfg
2016-09-30 03:35 - 2016-09-30 03:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-28 10:18
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
Ran by uzivatel (administrator) on LENOVO (30-01-2017 20:35:47)
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available Profiles: uzivatel)
Platform: Windows 10 Home Version 1607 (X64) Language: Angličtina (USA)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVK\AVKWCtlx64.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVK\AVKService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVKTray\AVKTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Lenovo) C:\Users\uzivatel\AppData\Local\Apps\2.0\612DB65P.8K0\ZBRDP28D.L98\lsb...tion_2d7b41b05b24775e_0001.0006_49d2acb6f7b8d10a\LSB.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9308416 2015-06-02] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [401896 2016-11-01] ()
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1622072 2014-01-09] (Lenovo Group Limited)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-12-31] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-12-31] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10973168 2014-12-31] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\...\MountPoints2: {8ab93b9a-b868-11e6-82a1-f0761c5d5e2e} - "F:\autorun.exe"
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\...\MountPoints2: {e6049133-ac90-11e6-829d-d0534904bec6} - "F:\Startme.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ThinkPad OneLink Dock Management.lnk [2014-12-31]
ShortcutTarget: ThinkPad OneLink Dock Management.lnk -> C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{16ec27b6-1a89-4a2d-97e8-033818d44bf2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{47ce5506-902d-4a38-a85f-6fa020a14991}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7d51fac9-bccc-43f5-9cb0-8ccf14b83935}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2338535209-2821197505-3871013768-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKU\S-1-5-21-2338535209-2821197505-3871013768-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2338535209-2821197505-3871013768-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2338535209-2821197505-3871013768-1001 -> {C3DFCBA4-9925-4BD1-9931-0B2500D38101} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.facebook.com/?ref=tn_tnmn
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default [2017-01-30]
CHR Extension: (Prezentácie Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-06]
CHR Extension: (Dokumenty Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-06]
CHR Extension: (Disk Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Tabuľky Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-06]
CHR Extension: (Lenovo Password Manager) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\geempcnjhccnoepfmahaeemnnfnignab [2015-03-06]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Gmail) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19]
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-30]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [geempcnjhccnoepfmahaeemnnfnignab] - C:\Program Files (x86)\Lenovo\Password Manager\chrome_npapi_extension.crx [2014-01-09]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [4950632 2016-10-06] (G DATA Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\AntiVirus\AVK\AVKService.exe [984904 2016-09-15] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\AntiVirus\AVK\AVKWCtlx64.exe [3044496 2016-09-27] (G Data Software AG)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [822600 2016-09-27] (G DATA Software AG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-12-31] (Lenovo(beijing) Limited)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [37624 2014-04-21] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-11-27] (Maxthon)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-12-31] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-12-31] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-09-28] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [186248 2014-08-19] (ESET)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [180808 2017-01-30] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [37400 2017-01-30] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [30280 2017-01-30] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [274400 2017-01-30] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [105544 2017-01-30] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [77384 2017-01-30] (G DATA Software AG)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [116296 2017-01-30] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [153160 2017-01-30] (G Data Software AG)
R3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-11-01] (Hewlett-Packard.)
R3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.)
R2 LubFsFlt; C:\windows\System32\Drivers\LubFsFlt.sys [27384 2014-02-22] (Lenovo(beijing) Limited)
R0 LubSec; C:\WINDOWS\System32\Drivers\LubSec.sys [45304 2014-02-22] (Lenovo(beijing) Limited)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290520 2013-09-24] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3057920 2015-06-02] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-31 04:07 - 2017-01-31 04:15 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-01-30 20:35 - 2017-01-30 20:36 - 00020158 _____ C:\Users\uzivatel\Desktop\FRST.txt
2017-01-30 20:35 - 2017-01-30 20:35 - 00000000 ____D C:\FRST
2017-01-30 20:32 - 2017-01-30 20:32 - 02420736 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2017-01-30 20:18 - 2017-01-30 20:18 - 00116296 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2017-01-30 20:18 - 2017-01-30 20:18 - 00028208 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2017-01-30 20:10 - 2017-01-30 20:13 - 00000000 ____D C:\AdwCleaner
2017-01-30 19:38 - 2017-01-30 19:38 - 00105544 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2017-01-30 19:36 - 2017-01-30 19:36 - 00002093 _____ C:\Users\Public\Desktop\G DATA ANTIVIRUS.lnk
2017-01-30 19:36 - 2017-01-30 19:36 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBB64_01007.Wdf
2017-01-30 19:36 - 2017-01-30 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA ANTIVIRUS
2017-01-30 19:35 - 2017-01-30 19:38 - 00153160 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2017-01-30 19:35 - 2017-01-30 19:35 - 00274400 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2017-01-30 19:35 - 2017-01-30 19:35 - 00180808 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2017-01-30 19:35 - 2017-01-30 19:35 - 00077384 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2017-01-30 19:35 - 2017-01-30 19:35 - 00037400 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2017-01-30 19:35 - 2017-01-30 19:35 - 00030280 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2017-01-30 19:35 - 2017-01-30 19:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
2017-01-30 19:31 - 2017-01-30 19:31 - 00000000 ____D C:\Program Files (x86)\G DATA
2017-01-30 19:24 - 2017-01-30 20:10 - 04015056 _____ C:\Users\uzivatel\Desktop\adwcleaner_6.043.exe
2017-01-30 19:22 - 2017-01-30 20:13 - 00000000 ____D C:\ProgramData\G Data
2017-01-30 19:16 - 2017-01-30 20:03 - 00444752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-30 18:56 - 2017-01-30 19:22 - 241544608 _____ (G DATA Software AG) C:\Users\uzivatel\Downloads\GDATA_ANTIVIRUS_BASE_WEU_25.3.0.1.exe
2017-01-30 18:18 - 2017-01-30 18:18 - 00000000 ____D C:\rsit
2017-01-30 18:18 - 2017-01-30 18:18 - 00000000 ____D C:\Program Files\trend micro
2017-01-30 18:17 - 2017-01-30 18:18 - 01222144 _____ C:\Users\uzivatel\Downloads\RSITx64.exe
2017-01-30 11:01 - 2017-01-30 18:01 - 00000000 ____D C:\Users\uzivatel\Desktop\Kasper
2017-01-26 20:27 - 2017-01-26 20:27 - 00000000 ____D C:\ProgramData\UDL
2017-01-26 20:13 - 2017-01-30 08:02 - 00000933 _____ C:\WINDOWS\Tasks\EPSON XP-235 Series Update {E80CAAF1-8B69-4AA6-B0E6-5EE2ED9DE71A}.job
2017-01-26 20:13 - 2017-01-26 20:13 - 00004130 _____ C:\WINDOWS\System32\Tasks\EPSON XP-235 Series Update {E80CAAF1-8B69-4AA6-B0E6-5EE2ED9DE71A}
2017-01-26 19:31 - 2017-01-30 08:02 - 00000933 _____ C:\WINDOWS\Tasks\EPSON XP-235 Series Update {F99C1C17-99DA-4103-9977-C0015CF8D7EA}.job
2017-01-26 19:31 - 2017-01-26 19:31 - 00004130 _____ C:\WINDOWS\System32\Tasks\EPSON XP-235 Series Update {F99C1C17-99DA-4103-9977-C0015CF8D7EA}
2017-01-25 14:46 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 14:46 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-11 09:27 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 09:27 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 09:27 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 09:27 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 09:27 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 09:27 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 09:27 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 09:27 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 09:27 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 09:27 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 09:27 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 09:27 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 09:27 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 09:27 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 09:27 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 09:27 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 09:27 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 09:27 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 09:27 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 09:27 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 09:27 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 09:27 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 09:27 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 09:27 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 09:27 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 09:27 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 09:27 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 09:27 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 09:27 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 09:27 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 09:27 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 09:27 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 09:27 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 09:27 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 09:27 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 09:27 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 09:27 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 09:27 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 09:27 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 09:27 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 09:27 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 09:27 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 09:27 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 09:27 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 09:27 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 09:27 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 09:27 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 09:27 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 09:27 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 09:27 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 09:27 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 09:27 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 09:27 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 09:27 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 09:27 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 09:27 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 09:27 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 09:27 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 09:27 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 09:27 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 09:27 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 09:27 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 09:27 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 09:27 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 09:27 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 09:26 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 09:26 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 09:26 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 09:26 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 09:26 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 09:26 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 09:26 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 09:26 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 09:26 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 09:26 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 09:26 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 09:26 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 09:26 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 09:26 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 09:26 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 09:26 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 09:26 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 09:26 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 09:26 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 09:26 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 09:26 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 09:26 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 09:26 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 09:26 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 09:26 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 09:26 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 09:26 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 09:26 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 09:26 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 09:26 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 09:26 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 09:26 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 09:26 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 09:26 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 09:26 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 09:26 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 09:26 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 09:26 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 09:26 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 09:26 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 09:26 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 09:26 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 09:26 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 09:26 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 09:26 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 09:26 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 09:26 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 09:26 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 09:26 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 09:26 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 09:26 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 09:26 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 09:26 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 09:26 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 09:26 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 09:26 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 09:26 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 09:26 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 09:26 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 09:26 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 09:26 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 09:26 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 09:26 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 09:26 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 09:26 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 09:26 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 09:26 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 09:26 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 09:26 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 09:26 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 09:26 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 09:26 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 09:26 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 09:26 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 09:26 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 09:26 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 09:26 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 09:26 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 09:26 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 09:26 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 09:26 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 09:26 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 09:25 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 09:25 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 09:25 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 09:25 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 09:25 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 09:25 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 09:25 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 09:25 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 09:25 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 09:25 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 09:25 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 09:25 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 09:25 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 09:25 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 09:25 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 09:25 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 09:25 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 09:25 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 09:25 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-07 20:39 - 2017-01-13 00:22 - 00000000 ____D C:\Program Files (x86)\CD Audio MP3 Converter
2017-01-07 20:39 - 2001-03-23 16:29 - 00880912 _____ (Microsoft Corporation) C:\WINDOWS\WM8EUTIL.exe
2017-01-07 20:07 - 2017-01-07 20:20 - 00000000 ____D C:\output
2017-01-07 20:07 - 2017-01-07 20:07 - 00000000 ____D C:\tmp
2017-01-05 21:21 - 2017-01-05 21:22 - 00000000 ___RD C:\Users\uzivatel\Desktop\UTL
2017-01-05 21:19 - 2017-01-05 21:21 - 00000000 ___RD C:\Users\uzivatel\Desktop\INTER
2017-01-05 21:18 - 2017-01-05 21:19 - 00000000 ___RD C:\Users\uzivatel\Desktop\MEDIA
2017-01-05 20:57 - 2017-01-05 20:59 - 00000000 ___RD C:\Users\uzivatel\Desktop\LENOVO
2017-01-02 13:38 - 2017-01-02 13:38 - 00033235 _____ C:\Users\uzivatel\Downloads\korcule.pdf
2017-01-01 21:21 - 2017-01-01 21:21 - 00004700 _____ C:\Users\uzivatel\Documents\Do auticka..._1.p2g
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-30 20:21 - 2015-08-27 02:25 - 01264226 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-30 20:15 - 2016-09-30 03:35 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-30 20:15 - 2015-08-27 02:35 - 00000000 __SHD C:\Users\uzivatel\IntelGraphicsProfiles
2017-01-30 20:14 - 2016-09-30 04:03 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-30 20:14 - 2016-09-30 03:35 - 00000000 ____D C:\ProgramData\Synaptics
2017-01-30 20:13 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-30 20:13 - 2014-12-31 12:58 - 00000000 ____D C:\Program Files (x86)\Amazon
2017-01-30 20:00 - 2016-09-30 03:29 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-30 19:35 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-01-30 19:06 - 2016-09-30 03:39 - 00000000 ____D C:\Users\uzivatel
2017-01-30 18:01 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-30 17:58 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-01-30 17:57 - 2016-10-17 20:11 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-30 12:46 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-30 12:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-30 12:46 - 2015-03-06 09:54 - 00000000 ____D C:\Users\uzivatel\AppData\Local\Packages
2017-01-30 08:09 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated
2017-01-26 20:40 - 2016-12-12 23:38 - 00000000 ___RD C:\Users\uzivatel\Desktop\Nový priečinok
2017-01-26 20:39 - 2016-12-04 18:09 - 00000000 ____D C:\Users\uzivatel\AppData\Roaming\Epson
2017-01-26 20:28 - 2016-12-04 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2017-01-26 20:27 - 2016-12-04 17:55 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2017-01-26 20:27 - 2016-12-04 17:48 - 00000000 ____D C:\ProgramData\Epson
2017-01-26 20:27 - 2015-05-28 22:00 - 00000000 ____D C:\ProgramData\Sony Corporation
2017-01-26 20:27 - 2014-12-31 12:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-26 19:38 - 2016-12-04 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-01-25 15:28 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-23 23:34 - 2015-12-17 00:53 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-21 12:00 - 2015-12-04 01:10 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-14 05:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-12 03:51 - 2015-03-06 09:50 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-12 02:15 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-12 02:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-12 02:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-12 02:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-12 02:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-12 00:29 - 2016-09-30 04:03 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-11 09:44 - 2015-03-06 11:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 09:40 - 2015-03-06 11:13 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-10 20:14 - 2016-12-06 19:29 - 00003278 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-10 20:14 - 2015-08-27 02:39 - 00002428 _____ C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-10 20:14 - 2015-08-27 02:39 - 00000000 ___RD C:\Users\uzivatel\OneDrive
2017-01-07 20:30 - 2016-12-15 21:22 - 00000000 ____D C:\Users\uzivatel\AppData\Local\Deployment
2017-01-07 20:11 - 2015-03-06 09:53 - 00000000 ____D C:\Users\uzivatel\AppData\Local\VirtualStore
2017-01-06 12:27 - 2015-05-28 21:56 - 00000000 ___RD C:\Users\uzivatel\Desktop\Fotečky
2017-01-01 20:30 - 2014-12-31 12:56 - 00000000 ____D C:\ProgramData\CyberLink
2017-01-01 20:16 - 2015-03-08 09:44 - 00000000 ____D C:\Users\uzivatel\AppData\Roaming\CyberLink
2016-12-31 11:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Registration
==================== Files in the root of some directories =======
2015-03-06 09:58 - 2015-03-24 08:36 - 0008362 _____ () C:\Users\uzivatel\AppData\Roaming\AbsoluteReminder.xml
2017-01-30 19:35 - 2017-01-30 19:35 - 0000779 _____ () C:\Users\uzivatel\AppData\Roaming\gdscan.log
2015-03-13 13:23 - 2015-03-13 13:23 - 0076976 _____ () C:\Users\uzivatel\AppData\Roaming\LoJackSetup.exe
2016-12-15 21:42 - 2016-12-15 21:42 - 0007597 _____ () C:\Users\uzivatel\AppData\Local\Resmon.ResmonCfg
2016-09-30 03:35 - 2016-09-30 03:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-28 10:18
==================== End of FRST.txt ============================
Re: Zavireny PC
Ale ono to je rychlejsie, super!
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavireny PC
Jiný problém nemáte?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavireny PC
Stale to nie je ono, Je rychlejsi, no neviem... Podla vas tam uz nie je nic co by to mohlo brzdit?
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavireny PC
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavireny PC
Malwarebytes
www.malwarebytes.com
-Podrobnosti denníka-
Dátum skenovania: 31.01.17
Čas skenovania: 18:40
Súbor denníka:
Správca: Áno
-Údaje o softvéri-
Verzia: 3.0.6.1469
Verzia súčastí: 1.0.50
Aktualizovať verziu balíka: 1.0.1064
Licencia: Skúšobná verzia
-Systémové informácie-
OS: Windows 10
Procesor: x64
Systém súborov: NTFS
Používateľ: Lenovo\uzivatel
-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Výsledok: Dokončené
Preskenované objekty: 396505
Uplynulý čas: 9 min, 56 s
-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Povolené
PUM: Povolené
-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)
Modul: 0
(Nezistili sa nijaké škodlivé položky)
Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)
Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)
Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)
Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)
Priečinok: 0
(Nezistili sa nijaké škodlivé položky)
Súbor: 0
(Nezistili sa nijaké škodlivé položky)
Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)
(end)
www.malwarebytes.com
-Podrobnosti denníka-
Dátum skenovania: 31.01.17
Čas skenovania: 18:40
Súbor denníka:
Správca: Áno
-Údaje o softvéri-
Verzia: 3.0.6.1469
Verzia súčastí: 1.0.50
Aktualizovať verziu balíka: 1.0.1064
Licencia: Skúšobná verzia
-Systémové informácie-
OS: Windows 10
Procesor: x64
Systém súborov: NTFS
Používateľ: Lenovo\uzivatel
-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Výsledok: Dokončené
Preskenované objekty: 396505
Uplynulý čas: 9 min, 56 s
-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Povolené
PUM: Povolené
-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)
Modul: 0
(Nezistili sa nijaké škodlivé položky)
Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)
Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)
Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)
Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)
Priečinok: 0
(Nezistili sa nijaké škodlivé položky)
Súbor: 0
(Nezistili sa nijaké škodlivé položky)
Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)
(end)
Re: Zavireny PC
Neviem, nemoze to byt zaneprazdneny procesor? Vela spustenych programov alebo tak nejak?
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavireny PC
Koukněte do správce úloh. Pokud tam nenajdete nějakou závratnou hodnotu, zkuste defragmentovat disk.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavireny PC
Procesor okolo 20%, pamet 70%, disk 1 %, siet 0%...
Re: Zavireny PC
A celkom dosť procesov na pozadí...
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavireny PC
Problém je v tom, že ty procesy jsou zcela regulérní a já nemohu za vás rozhdnou, který proces zastavit. Ktarý z procesů zatěžuje nejvíce paměť?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?