Avast repeatedly reports an infection without cleaning it + slow computer

konias_cz
Visitor
Posts: 20
Registered: 01 Jun 2008 14:37

#1 Post by konias_cz »

Hello,

Avast has recently been repeatedly reporting an infection to me, but I have not managed to clean it using Avast. At the same time, I have the feeling that my computer has slowed down. I am posting the logs below. I would be very grateful for any help.

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by admin (administrator) on X230 (23-10-2018 22:02:34)
Running from C:\Users\admin\Downloads
Loaded Profiles: admin & Guest (Available Profiles: admin & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Felix Belzile) C:\Program Files (x86)\Cold Turkey\CTService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\G9G11_ScreenCapture\ScreenCapture.exe
(f.lux Software LLC) C:\Users\admin\AppData\Local\FluxSoftware\Flux\flux.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(BitTorrent Inc.) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Dropbox, Inc.) C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dropbox, Inc.) C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(BitTorrent Inc.) C:\Users\admin\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(BitTorrent Inc.) C:\Users\admin\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Felix Belzile) C:\Program Files (x86)\Cold Turkey\Cold Turkey.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TpShocks] => C:\Windows\SYSTEM32\TpShocks.exe [384344 2014-02-17] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [297008 2014-01-28] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63728 2015-06-08] (Lenovo)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-05] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-08-23] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [66560 2013-06-17] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\G9G11_ScreenCapture\ScreenCapture.exe [3538944 2012-05-18] ()
HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\Run: [f.lux] => C:\Users\admin\AppData\Local\FluxSoftware\Flux\flux.exe [1806344 2018-07-03] (f.lux Software LLC)
HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\Run: [EpicScale] => [X]
HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\Run: [Dropbox Update] => C:\Users\admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd)
HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [1454080 2018-10-06] (Adobe Systems Incorporated)
HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\MountPoints2: {49f7794c-aac5-11e3-b1de-3c970e7dcaac} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\MountPoints2: {4eca40ac-2668-11e5-9b0f-3c970e7dcaac} - E:\AutoRun.exe
HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Run: [eM Client] => "C:\Program Files (x86)\eM Client\MailClient.exe" /startup
HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1469784 2018-09-15] (Google Inc.)
HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Run: [OscarEditor] => C:\Program Files (x86)\G9G11_ScreenCapture\ScreenCapture.exe [3538944 2012-05-18] ()
HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Run: [f.lux] => C:\Users\admin\AppData\Local\FluxSoftware\Flux\flux.exe [1806344 2018-07-03] (f.lux Software LLC)
HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Run: [uTorrent] => C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe [1987768 2018-09-22] (BitTorrent Inc.)
HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Run: [EpicScale] => [X]
HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Run: [Spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [781712 2018-07-28] (Spotify Ltd)
HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Run: [Spotify] => C:\Users\admin\AppData\Roaming\Spotify\Spotify.exe [24529296 2018-09-03] (Spotify Ltd)
HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\MountPoints2: {49f7794c-aac5-11e3-b1de-3c970e7dcaac} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2018-10-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2014-01-24]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-06-13]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{28789785-CA77-4F18-90BC-67E0607A9762}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2DAD3ACE-3C43-49B9-B89F-2D574BFCA9B4}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180520__yaie
SearchScopes: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180520__yaie&p={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-10-06] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-10-31] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-10-06] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

FireFox:
========
FF DefaultProfile: d9t8npmo.default-1539031801572
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\d9t8npmo.default-1539031801572 [2018-10-23]
FF Extension: (Avast Online Security) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\d9t8npmo.default-1539031801572\Extensions\wrc@avast.com.xpi [2018-06-28]
FF Extension: (Telemetry coverage) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\d9t8npmo.default-1539031801572\features\{344b6ff5-9011-438c-8873-7aca494f5527}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-09] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-10-06] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-02-11] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-10-06] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-10-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-10-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-02-11] (Adobe Systems)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-1235678525-1039047479-1949144739-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.igoogle.com/
CHR StartupUrls: Default -> "hxxps://isir.justice.cz/isir/common/index.do","hxxp://www.google.com/ig"
CHR NewTab: Default -> Active:"chrome-extension://akimgimeeoiognljlfchpbkpfbmeapkh/index_compiled.html"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2018-10-22]
CHR Extension: (Duolingo on the Web) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-01-14]
CHR Extension: (Google Arts & Culture) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\akimgimeeoiognljlfchpbkpfbmeapkh [2017-11-11]
CHR Extension: (Dokumenty) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-03]
CHR Extension: (Disk Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-03]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Send to Kindle for Google Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2015-11-22]
CHR Extension: (uBlock Origin) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-10-22]
CHR Extension: (Vyhledávání Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-22]
CHR Extension: (Avast Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-22]
CHR Extension: (Wolfram|Alpha (Official)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icncamkooinmbehmkeilcccmoljfkdhp [2014-01-21]
CHR Extension: (Toefl Exercises) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpaekkjdfknjjhlihemoammeedofnle [2017-09-15]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2017-09-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Greyscale) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\penkfbldfkaelnnhblmfmajlggdielfm [2014-01-23]
CHR Extension: (Evernote Web Clipper) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2018-10-22]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-22]
CHR Extension: (Learn Spanish - Qué Onda) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcdjmebmeoobmdghjbjhbifoocbcmaj [2014-01-21]
CHR Extension: (RSS Feed Reader) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2018-10-22]
CHR HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-09-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-05] (AVAST Software)
R2 CTService; C:\Program Files (x86)\Cold Turkey\\CTService.exe [324096 2015-01-18] (Felix Belzile) [File not signed]
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2016-04-14] (Lenovo.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [198704 2014-01-28] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-02-08] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28544 2016-09-10] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-02-08] (Intel® Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201408 2018-10-21] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-21] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201928 2018-10-21] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346760 2018-10-21] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59664 2018-10-21] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [185240 2018-10-21] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47064 2018-10-21] (AVAST Software)
S1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42456 2018-10-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163376 2018-10-21] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111968 2018-10-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88112 2018-10-21] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028840 2018-10-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467904 2018-10-21] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208640 2018-10-21] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-01-21] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381144 2018-10-21] (AVAST Software)
S3 cmnxusbser; C:\Windows\System32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-27] (Disc Soft Ltd)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-02] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-05-04] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.)
R3 RCUVCAVS; C:\Windows\System32\DRIVERS\RCUVCAVS.sys [177920 2013-07-05] (Ricoh co.,Ltd.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2013-11-15] (Synaptics Incorporated)
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2014-08-12] (The OpenVPN Project)
S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2013-09-26] (ThinkVantage Communications Utility)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-23 22:02 - 2018-10-23 22:02 - 000028898 _____ C:\Users\admin\Downloads\FRST.txt
2018-10-23 22:01 - 2018-10-23 22:02 - 000000000 ____D C:\FRST
2018-10-23 22:01 - 2018-10-23 22:01 - 002414592 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2018-10-23 22:01 - 2018-10-23 22:01 - 001222144 _____ C:\Users\admin\Downloads\RSITx64.exe
2018-10-21 19:51 - 2018-10-21 19:50 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-10-21 19:51 - 2018-10-21 19:50 - 000042456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-10-15 17:02 - 2018-10-19 14:33 - 000000000 ____D C:\Users\admin\Documents\Otuzilci
2018-10-10 23:44 - 2018-10-10 23:44 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-10-09 20:58 - 2018-09-19 10:08 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2018-10-09 20:58 - 2018-09-18 21:08 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-10-09 20:58 - 2018-09-18 20:10 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-10-09 20:58 - 2018-09-18 07:52 - 025735168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-10-09 20:58 - 2018-09-18 07:27 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-10-09 20:58 - 2018-09-18 07:26 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-10-09 20:58 - 2018-09-18 07:25 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-10-09 20:58 - 2018-09-18 07:25 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-10-09 20:58 - 2018-09-18 07:25 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-10-09 20:58 - 2018-09-18 07:25 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-10-09 20:58 - 2018-09-18 07:19 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-10-09 20:58 - 2018-09-18 07:18 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-10-09 20:58 - 2018-09-18 07:16 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-10-09 20:58 - 2018-09-18 07:15 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-10-09 20:58 - 2018-09-18 07:15 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-10-09 20:58 - 2018-09-18 07:14 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-10-09 20:58 - 2018-09-18 07:14 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-10-09 20:58 - 2018-09-18 07:14 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-10-09 20:58 - 2018-09-18 07:09 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-10-09 20:58 - 2018-09-18 07:06 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-10-09 20:58 - 2018-09-18 07:01 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-10-09 20:58 - 2018-09-18 07:00 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-10-09 20:58 - 2018-09-18 07:00 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-10-09 20:58 - 2018-09-18 06:57 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-10-09 20:58 - 2018-09-18 06:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-10-09 20:58 - 2018-09-18 06:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-10-09 20:58 - 2018-09-18 06:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-10-09 20:58 - 2018-09-18 06:45 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-10-09 20:58 - 2018-09-18 06:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-10-09 20:58 - 2018-09-18 06:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-10-09 20:58 - 2018-09-18 06:41 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-10-09 20:58 - 2018-09-18 06:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-10-09 20:58 - 2018-09-18 06:39 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-10-09 20:58 - 2018-09-18 06:35 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-10-09 20:58 - 2018-09-18 06:33 - 020278784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-10-09 20:58 - 2018-09-18 06:23 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-10-09 20:58 - 2018-09-18 06:21 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-10-09 20:58 - 2018-09-18 06:21 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-10-09 20:58 - 2018-09-18 06:20 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-10-09 20:58 - 2018-09-18 06:20 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-10-09 20:58 - 2018-09-18 06:19 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-10-09 20:58 - 2018-09-18 06:18 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-10-09 20:58 - 2018-09-18 06:15 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-10-09 20:58 - 2018-09-18 06:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-10-09 20:58 - 2018-09-18 06:14 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-10-09 20:58 - 2018-09-18 06:13 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-10-09 20:58 - 2018-09-18 06:13 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-10-09 20:58 - 2018-09-18 06:12 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-10-09 20:58 - 2018-09-18 06:10 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-10-09 20:58 - 2018-09-18 06:06 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-10-09 20:58 - 2018-09-18 06:03 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-10-09 20:58 - 2018-09-18 06:02 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-10-09 20:58 - 2018-09-18 06:02 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-10-09 20:58 - 2018-09-18 06:00 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-10-09 20:58 - 2018-09-18 05:59 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-10-09 20:58 - 2018-09-18 05:58 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-10-09 20:58 - 2018-09-18 05:57 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-10-09 20:58 - 2018-09-18 05:57 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-10-09 20:58 - 2018-09-18 05:53 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-10-09 20:58 - 2018-09-18 05:52 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-10-09 20:58 - 2018-09-18 05:51 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-10-09 20:58 - 2018-09-18 05:50 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-10-09 20:58 - 2018-09-18 05:50 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-10-09 20:58 - 2018-09-18 05:37 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-10-09 20:58 - 2018-09-18 05:34 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-10-09 20:58 - 2018-09-18 05:31 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-10-09 20:58 - 2018-09-11 20:28 - 003227136 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-10-09 20:58 - 2018-09-11 20:23 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-10-09 20:58 - 2018-09-11 20:22 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-10-09 20:58 - 2018-09-09 03:02 - 005552328 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-10-09 20:58 - 2018-09-09 03:02 - 001680072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-10-09 20:58 - 2018-09-09 03:02 - 000986824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-10-09 20:58 - 2018-09-09 03:02 - 000708296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-10-09 20:58 - 2018-09-09 03:02 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-10-09 20:58 - 2018-09-09 03:02 - 000265416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-10-09 20:58 - 2018-09-09 03:02 - 000262344 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-10-09 20:58 - 2018-09-09 03:02 - 000154824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-10-09 20:58 - 2018-09-09 03:02 - 000095432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-10-09 20:58 - 2018-09-09 03:01 - 001664320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-10-09 20:58 - 2018-09-09 02:59 - 002851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2018-10-09 20:58 - 2018-09-09 02:59 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-10-09 20:58 - 2018-09-09 02:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-10-09 20:58 - 2018-09-09 02:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-10-09 20:58 - 2018-09-09 02:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-10-09 20:58 - 2018-09-09 02:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-10-09 20:58 - 2018-09-09 02:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-10-09 20:58 - 2018-09-09 02:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-10-09 20:58 - 2018-09-09 02:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-10-09 20:58 - 2018-09-09 02:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-10-09 20:58 - 2018-09-09 02:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-10-09 20:58 - 2018-09-09 02:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-10-09 20:58 - 2018-09-09 02:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-10-09 20:58 - 2018-09-09 02:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-10-09 20:58 - 2018-09-09 02:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-10-09 20:58 - 2018-09-09 02:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-10-09 20:58 - 2018-09-09 02:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-10-09 20:58 - 2018-09-09 02:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-10-09 20:58 - 2018-09-09 02:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-10-09 20:58 - 2018-09-09 02:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-10-09 20:58 - 2018-09-09 02:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-10-09 20:58 - 2018-09-09 02:57 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-10-09 20:58 - 2018-09-09 02:57 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2018-10-09 20:58 - 2018-09-09 02:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-10-09 20:58 - 2018-09-09 02:46 - 004054216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-10-09 20:58 - 2018-09-09 02:46 - 003959496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-10-09 20:58 - 2018-09-09 02:46 - 001314072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-10-09 20:58 - 2018-09-09 02:44 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2018-10-09 20:58 - 2018-09-09 02:44 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-10-09 20:58 - 2018-09-09 02:44 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-10-09 20:58 - 2018-09-09 02:44 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-10-09 20:58 - 2018-09-09 02:44 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-10-09 20:58 - 2018-09-09 02:44 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-10-09 20:58 - 2018-09-09 02:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-10-09 20:58 - 2018-09-09 02:43 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-10-09 20:58 - 2018-09-09 02:43 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-10-09 20:58 - 2018-09-09 02:43 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-10-09 20:58 - 2018-09-09 02:42 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-10-09 20:58 - 2018-09-09 02:42 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-10-09 20:58 - 2018-09-09 02:21 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-10-09 20:58 - 2018-09-09 02:21 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-10-09 20:58 - 2018-09-09 02:16 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-10-09 20:58 - 2018-09-09 02:15 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-10-09 20:58 - 2018-09-09 02:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-10-09 20:58 - 2018-09-09 02:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-10-09 20:58 - 2018-09-09 02:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-10-09 20:58 - 2018-08-28 08:24 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-10-09 20:58 - 2018-08-28 08:24 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-10-09 20:58 - 2018-08-28 08:24 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-10-09 20:58 - 2018-08-28 08:24 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-10-09 20:58 - 2018-08-28 08:09 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-10-09 20:58 - 2018-08-28 07:52 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2018-10-09 20:58 - 2018-08-28 07:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2018-10-09 20:58 - 2018-08-28 07:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2018-10-09 20:58 - 2018-08-16 04:18 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2018-10-09 20:58 - 2018-08-13 23:49 - 001391856 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-10-09 20:58 - 2018-08-13 17:54 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2018-10-09 20:58 - 2018-08-12 22:32 - 000140976 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-10-09 20:58 - 2018-08-08 17:54 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-10-09 20:58 - 2018-08-08 17:54 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-10-09 20:58 - 2018-08-08 17:40 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-10-09 20:58 - 2018-08-08 17:40 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-10-09 20:57 - 2018-09-18 07:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-10-09 20:57 - 2018-09-18 07:38 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-10-09 20:57 - 2018-09-18 06:31 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-10-09 20:57 - 2018-09-09 02:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-10-09 20:57 - 2018-09-09 02:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-10-09 20:57 - 2018-09-09 02:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-10-09 20:57 - 2018-09-09 02:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-10-09 20:57 - 2018-09-09 02:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-10-09 20:57 - 2018-09-09 02:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-10-09 20:57 - 2018-09-09 02:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-10-09 20:57 - 2018-09-09 02:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-10-09 20:57 - 2018-09-09 02:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-10-09 20:57 - 2018-09-09 02:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-10-09 20:57 - 2018-09-09 02:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:44 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-10-09 20:57 - 2018-09-09 02:44 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-10-09 20:57 - 2018-09-09 02:44 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-10-09 20:57 - 2018-09-09 02:44 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-10-09 20:57 - 2018-09-09 02:44 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-10-09 20:57 - 2018-09-09 02:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-10-09 20:57 - 2018-09-09 02:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-10-09 20:57 - 2018-09-09 02:43 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-10-09 20:57 - 2018-09-09 02:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-10-09 20:57 - 2018-09-09 02:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-10-09 20:57 - 2018-09-09 02:43 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-10-09 20:57 - 2018-09-09 02:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:25 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-10-09 20:57 - 2018-09-09 02:25 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-10-09 20:57 - 2018-09-09 02:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-10-09 20:57 - 2018-09-09 02:25 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-10-09 20:57 - 2018-09-09 02:20 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-10-09 20:57 - 2018-09-09 02:18 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-10-09 20:57 - 2018-09-09 02:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-10-09 20:57 - 2018-09-09 02:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-10-09 20:57 - 2018-09-09 02:13 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-10-09 20:57 - 2018-09-09 02:13 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-10-09 20:57 - 2018-09-09 02:13 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-10-09 20:57 - 2018-09-09 02:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-10-09 20:57 - 2018-09-09 02:12 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-10-09 20:57 - 2018-09-09 02:12 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:12 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:12 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-10-09 20:57 - 2018-09-09 02:12 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-10-09 20:57 - 2018-08-28 08:24 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-10-09 20:57 - 2018-08-28 08:09 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2018-10-09 20:57 - 2018-08-12 22:27 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-10-06 10:59 - 2018-10-06 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-10-06 10:59 - 2018-10-06 10:59 - 000000000 ____D C:\Program Files\iTunes
2018-10-06 10:59 - 2018-10-06 10:59 - 000000000 ____D C:\Program Files\iPod
2018-10-06 10:55 - 2018-10-06 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-10-06 10:54 - 2018-10-06 10:54 - 000000000 ____D C:\Users\admin\AppData\Roaming\Sun
2018-10-06 10:53 - 2018-10-23 22:01 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-10-06 10:53 - 2018-10-06 10:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-23 22:02 - 2014-10-21 17:28 - 000000000 ____D C:\Users\admin\AppData\Roaming\uTorrent
2018-10-23 22:01 - 2018-04-14 17:22 - 000004520 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-23 22:01 - 2018-04-12 07:38 - 000002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-10-23 22:01 - 2018-03-29 23:33 - 000004140 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-10-23 22:01 - 2015-12-04 08:37 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-10-23 22:01 - 2015-06-23 14:21 - 000003518 _____ C:\Windows\System32\Tasks\Intel_C_CVTR5175004E240CGN
2018-10-23 22:01 - 2015-06-22 10:08 - 000003898 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1235678525-1039047479-1949144739-1000UA
2018-10-23 22:01 - 2015-06-22 10:08 - 000003502 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1235678525-1039047479-1949144739-1000Core
2018-10-23 22:01 - 2015-06-22 10:08 - 000000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1235678525-1039047479-1949144739-1000UA.job
2018-10-23 22:01 - 2015-06-22 10:08 - 000000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1235678525-1039047479-1949144739-1000Core.job
2018-10-23 22:01 - 2015-01-02 16:02 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-10-23 22:01 - 2014-08-20 13:35 - 000003094 _____ C:\Windows\System32\Tasks\{497F6A51-423C-4894-B992-24BAF2D10F63}
2018-10-23 22:01 - 2014-05-09 17:22 - 000003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2018-10-23 22:01 - 2014-05-09 17:22 - 000003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2018-10-23 22:01 - 2014-04-23 14:09 - 000003020 _____ C:\Windows\System32\Tasks\PMTask
2018-10-23 22:01 - 2014-04-23 13:58 - 000002982 _____ C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements
2018-10-23 22:01 - 2014-01-21 11:30 - 000003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BD16C371-2B06-4439-B4D5-53B872464CF8}
2018-10-23 22:01 - 2014-01-19 16:49 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-23 22:01 - 2014-01-19 16:49 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-23 22:01 - 2014-01-17 15:18 - 000002836 _____ C:\Windows\System32\Tasks\DiskUpdate
2018-10-23 22:00 - 2014-03-01 21:44 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc
2018-10-23 21:27 - 2009-07-14 06:45 - 000015024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-23 21:27 - 2009-07-14 06:45 - 000015024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-21 19:51 - 2017-02-08 21:03 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-10-21 19:50 - 2017-11-19 16:26 - 000201408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-10-21 19:50 - 2017-11-17 21:46 - 000185240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-10-21 19:50 - 2017-02-08 21:03 - 000346760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-10-21 19:50 - 2017-02-08 21:03 - 000230512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-10-21 19:50 - 2017-02-08 21:03 - 000201928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-10-21 19:50 - 2017-02-08 21:03 - 000059664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-10-21 19:50 - 2014-05-01 17:33 - 000047064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-10-21 19:50 - 2014-01-21 19:38 - 001028840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-10-21 19:50 - 2014-01-21 19:38 - 000467904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-10-21 19:50 - 2014-01-21 19:38 - 000381144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-10-21 19:50 - 2014-01-21 19:38 - 000208640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-10-21 19:50 - 2014-01-21 19:38 - 000163376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-10-21 19:50 - 2014-01-21 19:38 - 000111968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-10-21 19:50 - 2014-01-21 19:38 - 000088112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-10-21 19:50 - 2014-01-21 19:32 - 000000000 ____D C:\ProgramData\AVAST Software
2018-10-13 23:52 - 2014-01-17 15:04 - 000000000 ____D C:\ProgramData\Lenovo
2018-10-13 23:45 - 2009-07-14 17:18 - 000669116 _____ C:\Windows\system32\perfh005.dat
2018-10-13 23:45 - 2009-07-14 17:18 - 000141744 _____ C:\Windows\system32\perfc005.dat
2018-10-13 23:45 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-13 23:45 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-10-13 23:43 - 2018-05-13 18:21 - 000000000 ____D C:\Users\admin\AppData\Local\AVAST Software
2018-10-13 23:42 - 2018-09-22 15:07 - 000000000 ____D C:\Users\admin\AppData\LocalLow\uTorrent
2018-10-13 23:42 - 2016-12-04 19:12 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Mozilla
2018-10-12 03:58 - 2015-09-10 03:50 - 000000000 ____D C:\Windows\rescache
2018-10-12 03:21 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-12 03:21 - 2009-07-14 06:45 - 005145744 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-12 03:04 - 2014-04-29 12:48 - 000000000 ____D C:\Windows\system32\MRT
2018-10-12 03:00 - 2014-04-29 12:48 - 136745976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-10-11 07:14 - 2016-04-23 15:52 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-10 23:44 - 2014-02-01 12:23 - 000000000 ____D C:\Users\admin\AppData\Roaming\Dropbox
2018-10-09 07:22 - 2017-03-19 17:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-10-09 07:22 - 2015-01-02 16:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-08 22:53 - 2014-03-13 16:54 - 000000000 ____D C:\Windows\Minidump
2018-10-08 22:53 - 2014-01-17 11:42 - 000000000 ____D C:\Windows\Panther
2018-10-08 22:53 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\ModemLogs
2018-10-06 14:53 - 2014-01-19 18:07 - 000000000 ____D C:\Program Files\WinRAR
2018-10-06 10:55 - 2017-03-19 17:40 - 000000000 ___RD C:\Program Files (x86)\Skype
2018-10-06 10:55 - 2014-08-20 12:33 - 000000000 ____D C:\Users\admin\AppData\Roaming\Skype
2018-10-06 10:55 - 2014-08-20 12:32 - 000000000 ____D C:\ProgramData\Skype
2018-10-06 10:55 - 2014-01-19 18:07 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-10-06 10:55 - 2014-01-19 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-10-06 10:54 - 2014-12-09 14:51 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-10-06 10:54 - 2014-12-09 14:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-10-06 10:54 - 2014-01-21 19:46 - 000000000 ____D C:\Program Files (x86)\Java
2018-10-06 10:53 - 2014-05-25 14:29 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-10-06 10:53 - 2014-05-25 14:29 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-10-06 10:53 - 2014-05-25 14:29 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-10-06 10:53 - 2014-05-25 14:29 - 000000000 ____D C:\Windows\system32\Macromed
2018-10-02 18:25 - 2014-02-01 12:46 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Adobe
2018-10-01 14:48 - 2014-02-01 12:33 - 000000000 ____D C:\Users\admin\Documents\Práva
2018-09-25 07:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2016-08-15 19:14 - 2016-08-15 19:14 - 000017053 _____ () C:\Users\admin\AppData\Local\recently-used.xbel
2018-03-19 07:09 - 2018-05-01 16:06 - 000153600 _____ () C:\Users\admin\AppData\Local\WebpageIcons.db
2014-04-23 13:59 - 2014-04-23 14:00 - 000030653 _____ () C:\Users\admin\AppData\Local\WiDiSetupLog.20140423.135910.wdl
2017-11-18 21:47 - 2017-11-18 21:47 - 000000000 _____ () C:\Users\admin\AppData\Local\{1C752D62-FE6D-4783-B06D-40BE1CEAD696}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-15 15:47

==================== End of FRST.txt ============================


Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by admin (23-10-2018 22:03:10)
Running from C:\Users\admin\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-01-17 09:48:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

admin (S-1-5-21-1235678525-1039047479-1949144739-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-1235678525-1039047479-1949144739-500 - Administrator - Disabled)
Guest (S-1-5-21-1235678525-1039047479-1949144739-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1235678525-1039047479-1949144739-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\uTorrent) (Version: 3.4.3.40208 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.4.1.351 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\Amazon Kindle) (Version: - Amazon)
Amazon Kindle (HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Amazon Kindle) (Version: - Amazon)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.0.1.240 - Amazon)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{d5572863-793c-4ec8-872a-43cccc68b948}) (Version: 18.40.0 - Intel Corporation)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{5B27E69E-F59D-4B62-901F-F6981C826A5A}) (Version: 3.4.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
Cold Turkey (Pro) (HKLM-x32\...\{6498E673-B9C2-4544-A722-1E854B5B573E}_is1) (Version: 1.2.6 Pro - Felix Belzile)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\Dropbox) (Version: 59.4.93 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
Evernote v. 6.4.2 (HKLM-x32\...\{E74F0DCA-9FC8-11E6-9D98-005056950253}) (Version: 6.4.2.3788 - Evernote Corp.)
f.lux (HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\Flux) (Version: - f.lux Software LLC)
f.lux (HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Flux) (Version: - )
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Integrated Camera Driver Installer Package Ver.1.0.0.30 (HKLM-x32\...\{F8754583-7893-4CD8-9E51-1A08F3D4C1A9}) (Version: 1.0.0.30 - RICOH)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.7 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3359 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.3.0.400 - Intel Corporation)
iTunes (HKLM\...\{9F1EE6A3-7BDE-48CC-BC81-1EA3D21D94E3}) (Version: 12.9.0.167 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.13 - )
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.9.0 - Lenovo)
Lenovo On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.80.13 - Lenovo)
Lenovo Patch Utility (HKLM-x32\...\{C6FB6B4A-1378-4CD3-9CD3-42BA69FCBD43}) (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{053ACA98-6B07-4DD0-9DB3-F51E3EB1780C}) (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.16 - Lenovo) Hidden
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0037 - Lenovo)
Lexicon 2002 (HKLM-x32\...\Lexicon 4.0) (Version: - )
LibreOffice 4.4.4.3 (HKLM-x32\...\{5B6D82BB-CC1A-431E-8991-3E57855F99C5}) (Version: 4.4.4.3 - The Document Foundation)
Litecoin (HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Litecoin) (Version: 0.8.6.2 - Litecoin project)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 62.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.3 (x64 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
MultiBit 0.5.16 (HKLM-x32\...\MultiBit 0.5.16) (Version: 0.5.16 - )
O2 (HKLM-x32\...\O2CZ) (Version: - O2)
Office Shuttle Software (HKLM-x32\...\{3F87539C-BD1B-4529-8F13-8B3599A51D6C}) (Version: 12.05.0004 - A4TECH) Hidden
Office Shuttle Software (HKLM-x32\...\InstallShield_{3F87539C-BD1B-4529-8F13-8B3599A51D6C}) (Version: 12.05.0004 - A4TECH)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.10 - Lenovo Group Limited)
R for Windows 3.4.4 (HKLM\...\R for Windows 3.4.4_is1) (Version: 3.4.4 - R Core Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
RStudio (HKLM-x32\...\RStudio) (Version: 1.1.442 - RStudio)
Skype verze 8.31 (HKLM-x32\...\Skype_is1) (Version: 8.31 - Skype Technologies S.A.)
Slovník Verdict Free (HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\Verdict Free) (Version: - )
Slovník Verdict Free (HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Verdict Free) (Version: - )
Spotify (HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\Spotify) (Version: 1.0.86.337.ga8d5cef9 - Spotify AB)
Spotify (HKU\S-1-5-21-1235678525-1039047479-1949144739-501\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.0.30.51 - EnigmaSoft Limited)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.13 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.25.65 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Základní software zařízení HP Deskjet 2050 J510 series (HKLM\...\{F61FD928-A74D-4AF9-9667-BE2BB6F2C386}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-02-11] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-05] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-05] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-02-11] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-05] (AVAST Software)
ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2014-02-24] (Disc Soft Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2014-02-24] (Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-05] (AVAST Software)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_240.dll [2014-09-23] (Amazon.com, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-16] (Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-02-11] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-05] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1235678525-1039047479-1949144739-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1235678525-1039047479-1949144739-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1235678525-1039047479-1949144739-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BC1BC28-8C5B-4E17-B861-994097E14E54} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {12EAB74E-1EE5-4D97-9F5E-2FAF6354CD07} - System32\Tasks\CCleaner Update => C:\Program Files (x86)\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd)
Task: {136B9569-008B-4F0F-940B-8004E2A0D1AF} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-09-10] ()
Task: {21F07C2C-89D8-4BB1-8ED8-ABD89013E595} - System32\Tasks\{497F6A51-423C-4894-B992-24BAF2D10F63} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.18.60.106/cs/abandoninstall?page=tsMain
Task: {2496068F-1E3B-4C58-B09C-FF15412B2D9C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {4548D560-7C1A-40F5-891B-E02A7B7FB9F3} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {4A626832-9947-43BF-B1AA-4FE20B3B0EA2} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {5E898F78-43BB-4A1B-9C4D-CE161A8AF627} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {616A9BD4-AAEB-4AB2-B768-BAF14460F092} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {650F35C7-E8F1-473B-9A07-B0F088BC2C3C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {66407463-A00E-4EB1-8AD2-15CDF270C43E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-21] (AVAST Software)
Task: {6C6574EA-C028-4746-B6A0-2BEB65415F5E} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-09-10] ()
Task: {761E3F7C-D05D-4143-B6BD-539CDCB33476} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-09-15] (AVAST Software)
Task: {79C7EFCE-AF60-4442-9753-0FC97E096038} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd)
Task: {83A2EEE3-AC73-499B-8E65-D537452A31A9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-06] (Adobe Systems Incorporated)
Task: {877E722C-C9A7-48D2-9E7C-E06185A37E83} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {895C1FB8-0573-448A-A080-832287F96821} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {9AFAB50D-87D7-484A-8D39-BB51784E6C70} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {9D7377AD-66D5-4813-B11E-404B7D07CCB6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {9F00C0AC-8188-41E8-A0EB-A4DB98E30E75} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {AB5DEC6F-9F0C-4B64-AEAA-BAE95C565D0F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {B841639D-CB39-4A8F-A5D4-12422430CC64} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-10] ()
Task: {BD5191A4-E13E-471B-8C5D-AD6DA5CEB1C6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-10-06] (Adobe Systems Incorporated)
Task: {D792C3FC-8A9B-402A-B83F-D7FB78FE17B2} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {D8CB50B8-260B-479D-9FB5-E95146AB773E} - System32\Tasks\Intel_C_CVTR5175004E240CGN => C:\Program Files (x86)\Intel\Intel(R) SSD Toolbox\Intel SSD Toolbox.exe [2015-05-05] (Intel)
Task: {D9BC3602-2DCA-47B7-9CC9-4960810EB88D} - System32\Tasks\avastBCLRestartS-1-5-21-1235678525-1039047479-1949144739-1000 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {DB1C8FD7-C6DE-4D3D-85F0-41ABD13C298D} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2016-04-14] (Lenovo Group Limited)
Task: {DE17F471-8D04-4C15-BC7A-C8225313A43A} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe
Task: {E0948C34-BCF7-4119-90A2-C2FABD461B8C} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {E11D57A1-311C-47BE-AAC7-21AA32FAEAEF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1235678525-1039047479-1949144739-1000Core => C:\Users\admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {EAAE96DD-5B69-4151-8FA4-4C5D76F10BE2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1235678525-1039047479-1949144739-1000UA => C:\Users\admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1235678525-1039047479-1949144739-1000Core.job => C:\Users\admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1235678525-1039047479-1949144739-1000UA.job => C:\Users\admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-08-22 22:18 - 2018-08-22 22:18 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-06-23 06:56 - 2018-06-23 06:56 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-09-05 19:13 - 2018-09-05 19:13 - 000703192 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2014-02-11 04:21 - 2014-02-11 04:21 - 000644464 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2012-05-18 20:59 - 2012-05-18 20:59 - 003538944 _____ () C:\Program Files (x86)\G9G11_ScreenCapture\ScreenCapture.exe
2014-04-23 14:08 - 2016-04-14 06:08 - 000107008 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2018-09-19 10:12 - 2018-09-19 10:12 - 000085320 _____ () C:\Program Files (x86)\CCleaner\lang\lang-1029.dll
2014-01-17 15:17 - 2012-03-21 12:05 - 000051776 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2018-09-05 19:13 - 2018-09-05 19:13 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-09-05 19:13 - 2018-09-05 19:13 - 000896216 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-09-05 19:13 - 2018-09-05 19:13 - 000541400 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-09-05 19:13 - 2018-09-05 19:13 - 000151768 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-09-05 19:13 - 2018-09-05 19:13 - 000986840 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-10-23 21:04 - 2018-10-23 21:04 - 005677712 _____ () C:\Program Files\AVAST Software\Avast\defs\18102300\algo.dll
2015-08-18 10:33 - 2014-03-02 21:35 - 000075776 _____ () C:\Program Files (x86)\Cold Turkey\PcapDotNet.Core.dll
2014-04-23 14:03 - 2011-08-02 20:58 - 002201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2014-04-23 14:03 - 2011-08-02 20:58 - 002085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2014-01-17 15:16 - 2013-05-13 16:15 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2010-12-02 18:56 - 2010-12-02 18:56 - 000815104 _____ () C:\Program Files (x86)\G9G11_ScreenCapture\Data\G11_ScreenCapture\Forms\OSD_Text\OSD_Text.dll
2011-01-09 21:45 - 2011-01-09 21:45 - 000088064 _____ () C:\Program Files (x86)\G9G11_ScreenCapture\DLL\DLL_MouseDeviceManager.dll
2011-04-06 17:06 - 2011-04-06 17:06 - 000067072 _____ () C:\Program Files (x86)\G9G11_ScreenCapture\DLL\DLL_PenSuit.dll
2012-02-07 12:20 - 2012-02-07 12:20 - 002413568 _____ () C:\Program Files (x86)\G9G11_ScreenCapture\Data\G11_ScreenCapture\Forms\ScreenCapture\ScreenCapture.dll
2011-03-21 20:33 - 2011-03-21 20:33 - 000999424 _____ () C:\Program Files (x86)\G9G11_ScreenCapture\Data\G11_ScreenCapture\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2011-05-20 17:52 - 2011-05-20 17:52 - 000901632 _____ () C:\Program Files (x86)\G9G11_ScreenCapture\Data\G11_ScreenCapture\Forms\ProfileHint\ProfileHint.dll
2010-09-20 15:18 - 2010-09-20 15:18 - 000085504 _____ () C:\Program Files (x86)\G9G11_ScreenCapture\DLL\DLL_ZoomControl.dll
2010-09-20 15:18 - 2010-09-20 15:18 - 000054272 _____ () C:\Program Files (x86)\G9G11_ScreenCapture\DLL\DLL_ScrollbarControl.dll
2011-04-12 16:14 - 2011-04-12 16:14 - 000063488 _____ () C:\Program Files (x86)\G9G11_ScreenCapture\DLL\DLL_AnalyzeGesturesInRight.dll
2010-11-01 21:16 - 2010-11-01 21:16 - 000062976 _____ () C:\Program Files (x86)\G9G11_ScreenCapture\DLL\DLL_AnalyzeGesturesInOne.dll
2012-04-27 12:40 - 2012-04-27 12:40 - 000118272 _____ () C:\Program Files (x86)\G9G11_ScreenCapture\DLL\DLL_Wheel4D.dll
2012-05-11 20:46 - 2012-05-11 20:46 - 000891904 _____ () C:\Program Files (x86)\G9G11_ScreenCapture\Data\G11_ScreenCapture\Forms\KeyboardLEDForm\KeyboardLEDForm.dll
2018-10-10 23:44 - 2018-10-09 13:53 - 001140552 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2018-10-10 23:44 - 2018-10-09 13:53 - 002247496 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
2018-05-10 19:11 - 2018-10-09 13:58 - 000023376 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\tornado.speedups.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:55 - 000025456 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:53 - 000142312 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\_cffi_backend.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 001953640 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000025960 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:53 - 000117720 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\pywintypes35.dll
2018-05-10 19:11 - 2018-10-09 13:53 - 000109024 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32api.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000083784 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\fastpath.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:53 - 000418264 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\pythoncom35.dll
2018-05-10 19:11 - 2018-10-09 13:53 - 000027616 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32event.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:53 - 000049128 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32process.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000074072 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:53 - 000131552 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32file.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:55 - 000025944 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:53 - 000026600 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32clipboard.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:53 - 000182752 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32gui.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:53 - 000027616 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32pipe.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:53 - 000118760 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32security.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:58 - 000401752 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32com.shell.shell.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:53 - 000028640 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32job.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:58 - 000034664 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:53 - 000023704 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\mmapfile.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:53 - 000053736 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32service.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:53 - 000064992 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32evtlog.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:58 - 000059744 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winshell.compiled._winshell.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:58 - 000068968 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:58 - 000028520 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:55 - 000027488 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:53 - 000032408 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32ts.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000156504 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:58 - 000092488 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\sip.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 001778000 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000518992 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000052056 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 001929552 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:57 - 003821392 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000044888 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000132944 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000218456 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000205656 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:53 - 000061408 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32print.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:58 - 000051552 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:53 - 000027624 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\win32profile.cp35-win32.pyd
2018-08-09 00:38 - 2018-10-09 13:58 - 000033632 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winreindex.compiled._winreindex.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:58 - 000028008 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:58 - 000025960 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:58 - 000025448 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:58 - 000025960 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000031600 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:53 - 000486880 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winxpgui.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:58 - 000029040 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000029024 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:53 - 000036312 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\librsync.dll
2018-05-10 19:11 - 2018-10-09 13:58 - 000025960 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000433992 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2018-05-10 19:11 - 2018-10-09 13:58 - 000035680 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000025920 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\libEGL.DLL
2018-10-10 23:44 - 2018-10-09 13:56 - 001592128 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2018-10-10 23:44 - 2018-10-09 13:57 - 000102736 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.cp35-win32.pyd
2018-09-15 09:05 - 2018-10-09 13:58 - 000028520 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
2018-05-10 19:11 - 2018-10-09 13:58 - 000029544 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000530768 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000348496 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.cp35-win32.pyd
2018-10-10 23:44 - 2018-10-09 13:56 - 000037200 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngine.cp35-win32.pyd
2016-10-31 18:45 - 2016-10-31 18:45 - 000321208 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2018-03-14 19:32 - 2018-03-14 19:32 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-10-06 23:42 - 2018-10-06 23:42 - 025607152 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2018-09-20 08:32 - 2018-09-20 08:32 - 000423408 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2018-09-20 08:32 - 2018-09-20 08:32 - 082922992 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2006-10-26 13:56 - 2006-10-26 13:56 - 000757008 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-08-30 16:42 - 2018-08-23 21:50 - 000000023 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1235678525-1039047479-1949144739-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1235678525-1039047479-1949144739-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: eM Client => "C:\Program Files (x86)\eM Client\MailClient.exe" /startup
MSCONFIG\startupreg: GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{837834F1-D9B0-4E99-AD5C-0AAC37E97457}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8B9B1C2A-8F8B-4B66-8060-210DDA6EDFD6}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{24547E1B-23E5-4A99-A87D-48F1321C297A}] => (Allow) C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{22366F7D-9F09-4BFF-A050-B5487473F0C9}] => (Allow) C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{B2789B3A-CD76-409D-85C2-D8E8382293FA}C:\users\admin\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\admin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{D45D69AF-4B35-44EC-BDDF-402F630240D2}C:\users\admin\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\admin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{BCDD9AC4-044B-454C-92DE-DE7BF932F756}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B8B1F341-7655-4DBF-8927-AD0B5805EC13}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{25A8FFCD-1749-46C7-9FD4-5CA7FE550ECA}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{77933573-D0CA-4A43-9B6C-FC9578512F27}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [TCP Query User{CC26072A-9446-4512-BC70-E26AB5EEC4CA}C:\program files (x86)\litecoin\litecoin-qt.exe] => (Allow) C:\program files (x86)\litecoin\litecoin-qt.exe
FirewallRules: [UDP Query User{DAAD91F7-FBD0-4BE9-BED1-F85DBFB473DD}C:\program files (x86)\litecoin\litecoin-qt.exe] => (Allow) C:\program files (x86)\litecoin\litecoin-qt.exe
FirewallRules: [{0F833EA1-6DD9-41C8-B69C-3275C0EF8A23}] => (Block) C:\program files (x86)\litecoin\litecoin-qt.exe
FirewallRules: [{BD5C2C69-F221-4B9D-AB72-80B600DC15BC}] => (Block) C:\program files (x86)\litecoin\litecoin-qt.exe
FirewallRules: [{0075998C-FD5A-4C0F-9F4C-C396E2DA83EB}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{6D217590-9BF7-4DDA-9B8D-ED63BC228771}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [TCP Query User{B7167F61-D7D7-4BC0-BC6D-E6A1353495F3}C:\users\admin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\admin\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{8D9F337A-0F4A-47A3-8CF3-0483B26D26CC}C:\users\admin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\admin\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{A6496868-DC3D-48E1-855E-F428B8E14D6E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{DF35A940-34B8-4201-8909-59CF6FD3FDC6}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{25443CF5-DE69-4D3F-9650-9348F7158B14}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{62F2A366-DCD3-4A01-B5C0-343C0D755B2C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5068B78A-E6A1-40D8-93F3-6AF48F9D18DD}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C76F80BD-706D-4B7F-B025-84F3CE8FAF2A}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{367F1830-E4C1-4304-B7F6-17827C3CEB39}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{95269959-CE9D-4824-B40E-3C988EEB5097}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{1FAA0AC0-59A2-41C6-841B-7F07BAC5C09B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{63BAE4C4-8C33-4874-A859-414713700EAF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{2BBCBD54-E7C5-4561-9A18-1C2B57E36197}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{1A7AD5DB-1BE6-4F3B-A73F-6D2282801A4F}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [TCP Query User{7C3A1304-4A86-4CEB-B4AB-B6AF6EF2B057}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{DEF52090-F622-401F-9076-7E58ACFA89B7}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{3F117F21-6EA7-476F-818A-683337940910}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{200DC49F-47EC-47D9-A9E5-19E6A5CEDCD9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{1D9FDC21-E91F-4C54-BDA3-82E5154B7839}C:\program files\litecoin\litecoin-qt.exe] => (Allow) C:\program files\litecoin\litecoin-qt.exe
FirewallRules: [UDP Query User{498F8287-1C47-46DA-83DB-6DC1FD5E45B4}C:\program files\litecoin\litecoin-qt.exe] => (Allow) C:\program files\litecoin\litecoin-qt.exe
FirewallRules: [{5F833620-2B95-468E-BBC2-003D20BE14CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{14F51155-92AF-4DAA-8B1F-BA8F1EB5D851}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EC6E7EA5-5A92-4A1F-86BC-90944946D4C7}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{1AD2C1F5-542D-4F41-868E-CEB73A07C4A2}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{17B2B773-E612-415B-9745-0CCC1A6D5F72}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{320B2363-86C9-4BF6-952B-C2475E010EDE}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{CE0B0BA4-CD40-43DF-8FEF-5317AA418CB2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{61022DC3-F5DF-455A-A3DD-46F6EB3E9B88}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E04FE637-C0A0-46BF-8722-92BD2726DD0E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7A1F22D0-08FE-4825-8554-DFF0F8A7177F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{17F08BCD-BEA6-4ECD-8855-EFD61ABC54E4}] => (Allow) C:\Program Files (x86)\CCleaner\CCUpdate.exe
FirewallRules: [{AC62C70F-0E79-43AA-A0A4-56E2B600DA10}] => (Allow) C:\Program Files (x86)\CCleaner\CCUpdate.exe
FirewallRules: [{8B6C9572-48A2-4A51-8B1E-C7738B2A43F1}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{2190F047-FB38-4823-B076-1E7EBED333AD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{046974CB-49CF-4882-A9E3-AA94755AA327}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1612ABC8-E172-440D-8D9E-B8F8C333D213}] => (Allow) C:\Program Files (x86)\CCleaner\CCUpdate.exe
FirewallRules: [{D2295F13-8B28-4472-894D-FD4F352DDD6E}] => (Allow) C:\Program Files (x86)\CCleaner\CCUpdate.exe
FirewallRules: [{819CF688-5217-46C9-87EC-ECB6DAB59120}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{56099CE3-E1FE-4497-9D42-E5BDD8EDA295}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{56A15865-2DD0-41A7-894C-D4C25A5B1B65}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{83E8EC87-796D-4119-83AE-C901C7E355D7}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5439CB06-8A5F-4EA5-A450-821419F408BC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================

20-08-2018 08:23:26 Naplánovaný kontrolní bod
23-08-2018 07:41:07 Windows Update
30-08-2018 12:13:31 Naplánovaný kontrolní bod
08-09-2018 16:47:28 Naplánovaný kontrolní bod
15-09-2018 09:00:21 Windows Update
22-09-2018 10:30:15 Naplánovaný kontrolní bod
02-10-2018 07:45:44 Naplánovaný kontrolní bod
11-10-2018 08:03:49 Naplánovaný kontrolní bod
12-10-2018 03:00:12 Windows Update
14-10-2018 03:00:12 Windows Update
21-10-2018 18:49:12 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/23/2018 09:03:40 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (10/23/2018 09:03:40 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (10/23/2018 09:03:40 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (10/23/2018 09:03:40 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (10/23/2018 09:03:40 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (10/23/2018 09:03:40 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (10/22/2018 10:14:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7457

Error: (10/22/2018 10:14:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7457


System errors:
=============
Error: (10/12/2018 03:21:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Lenovo Platform Service bylo dosaženo časového limitu (30000 ms).

Error: (10/12/2018 03:20:58 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/09/2018 07:22:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (10/09/2018 07:22:55 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (10/09/2018 07:22:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Lenovo Platform Service bylo dosaženo časového limitu (30000 ms).

Error: (10/08/2018 10:21:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SpyHunter 5 Kernel byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/08/2018 10:18:24 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (10/08/2018 10:18:24 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.


Windows Defender:
===================================
Date: 2015-08-30 16:42:27.308
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... atid=14994
Název:SettingsModifier:Win32/PossibleHostsFileHijack
ID:14994
Závažnost:Střední
Kategorie:Program měnící nastavení
Nalezeno v cestě:file:C:\Windows\system32\drivers\etc\hosts;process:pid:2540
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-08-29 02:38:41.961
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... atid=14994
Název:SettingsModifier:Win32/PossibleHostsFileHijack
ID:14994
Závažnost:Střední
Kategorie:Program měnící nastavení
Nalezeno v cestě:file:C:\Windows\system32\drivers\etc\hosts
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-08-26 06:59:29.627
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... atid=14994
Název:SettingsModifier:Win32/PossibleHostsFileHijack
ID:14994
Závažnost:Střední
Kategorie:Program měnící nastavení
Nalezeno v cestě:file:C:\Windows\system32\drivers\etc\hosts
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-08-25 07:49:22.812
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... atid=14994
Název:SettingsModifier:Win32/PossibleHostsFileHijack
ID:14994
Závažnost:Střední
Kategorie:Program měnící nastavení
Nalezeno v cestě:file:C:\Windows\system32\drivers\etc\hosts
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-08-20 04:47:17.266
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... atid=14994
Název:SettingsModifier:Win32/PossibleHostsFileHijack
ID:14994
Závažnost:Střední
Kategorie:Program měnící nastavení
Nalezeno v cestě:file:C:\Windows\system32\drivers\etc\hosts
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2016-10-02 09:47:52.331
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus.
Verze podpisu:1.229.318.0
Verze modulu:1.1.13103.0

Date: 2016-03-21 20:07:34.607
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070003
Popis chyby:Systém nemůže nalézt uvedenou cestu.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2016-03-21 20:07:34.607
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

CodeIntegrity:
===================================

Date: 2018-10-06 10:56:01.124
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-30 15:06:23.280
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-27 16:39:26.510
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-27 15:45:20.545
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-27 11:10:39.737
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-26 14:50:54.045
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-26 14:50:52.609
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-26 14:50:51.235
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 99%
Total physical RAM: 3791.8 MB
Available physical RAM: 29.55 MB
Total Virtual: 9311.56 MB
Available Virtual: 867.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.49 GB) (Free:47.85 GB) NTFS

\\?\Volume{a5859f4a-7f5b-11e3-8b18-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.08 GB) (Free:0.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: BD5409BF)
Partition 1: (Active) - (Size=78 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

konias_cz
Visitor
Posts: 20
Registered: 01 Jun 2008 14:37

Re: Avast repeatedly reports without cleaning + slow computer

#2 Post by konias_cz »

Below I am also adding the log from RSIT:

RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by admin at 2018-10-23 22:15:09
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 49 GB (21%) free of 229 GB
Total RAM: 3792 MB (3% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:15:10, on 23.10.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\G9G11_ScreenCapture\ScreenCapture.exe
C:\Users\admin\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\admin\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe
C:\Users\admin\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Cold Turkey\Cold Turkey.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo.com/yhs/web?hspart ... 0520__yaie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\G9G11_ScreenCapture\ScreenCapture.exe" Minimum
O4 - HKCU\..\Run: [f.lux] "C:\Users\admin\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [AirDroid 3] C:\Program Files (x86)\AirDroid\AirDroid.exe /start
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1235678525-1039047479-1949144739-501\..\Run: [eM Client] "C:\Program Files (x86)\eM Client\MailClient.exe" /startup (User 'Guest')
O4 - HKUS\S-1-5-21-1235678525-1039047479-1949144739-501\..\Run: [f.lux] "C:\Users\admin\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow (User 'Guest')
O4 - HKUS\S-1-5-21-1235678525-1039047479-1949144739-501\..\Run: [uTorrent] "C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED (User 'Guest')
O4 - HKUS\S-1-5-21-1235678525-1039047479-1949144739-501\..\Run: [EpicScale] (User 'Guest')
O4 - HKUS\S-1-5-21-1235678525-1039047479-1949144739-501\..\Run: [Spotify Web Helper] "C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe" (User 'Guest')
O4 - HKUS\S-1-5-21-1235678525-1039047479-1949144739-501\..\Run: [Spotify] "C:\Users\admin\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized (User 'Guest')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Dropbox.lnk = admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Vystřihnout záložku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CTService - Felix Belzile - C:\Program Files (x86)\Cold Turkey\\CTService.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\Windows\system32\LPlatSvc.exe (file missing)
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Power Manager Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 17026 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 24804368
\??\C:\Windows\system32\conhost.exe "-112173239111032516699099309731860462249-104129525819022650721172852829-1705267536
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Cold Turkey\\CTService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\Windows\Explorer.EXE
taskeng.exe {0B77192F-E253-4BDE-9784-F87ACB921880}
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
"C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe" -Embedding
"C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe" /IpNotifyInstance
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\G9G11_ScreenCapture\ScreenCapture.exe" Minimum
"C:\Users\admin\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe"
"C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -os-restarted
"C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
AvastUI.exe /nogui
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe -type:exit-monitor -session-token:33ddafab-f13d-43cb-b3f9-8028c2931beb -target-handle:240 -target-shutdown-event:232 -target-restart-event:216 "-target-command-line:\"C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe\" /systemstartup" -python-version:3.5.4 -method:collectupload -handler-pipe:\\.\pipe\crashpad_5404_YEDWWKXUGCRMEMJD
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Users\admin\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe" uTorrent_5480_03C1CAA8_2010184143 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5472.0.827139890\1019840557" -parentBuildID 20181001155545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - "C:\Users\admin\AppData\LocalLow\Mozilla\Temp-{5471273e-bd4d-4a86-ba02-e847bb9c5079}" 5472 "\\.\pipe\gecko-crash-server-pipe.5472" 1072 gpu
"C:\Users\admin\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe" uTorrent_5480_03C1C7B0_1089112351 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5472.1.528483371\1498373503" -childID 1 -isForBrowser -prefsHandle 1684 -prefsLen 7395 -schedulerPrefs 0001,2 -parentBuildID 20181001155545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5472 "\\.\pipe\gecko-crash-server-pipe.5472" 1696 tab
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5472.20.885277656\1282236098" -childID 3 -isForBrowser -prefsHandle 3528 -prefsLen 11205 -schedulerPrefs 0001,2 -parentBuildID 20181001155545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5472 "\\.\pipe\gecko-crash-server-pipe.5472" 3556 tab
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup

"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5472.48.1068929858\2063084960" -childID 7 -isForBrowser -prefsHandle 3372 -prefsLen 11881 -schedulerPrefs 0001,2 -parentBuildID 20181001155545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5472 "\\.\pipe\gecko-crash-server-pipe.5472" 3332 tab
"C:\Program Files (x86)\Cold Turkey\Cold Turkey.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5472.90.1593730592\373969170" -childID 13 -isForBrowser -prefsHandle 2300 -prefsLen 11928 -schedulerPrefs 0001,2 -parentBuildID 20181001155545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5472 "\\.\pipe\gecko-crash-server-pipe.5472" 3088 tab
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\admin\AppData\Local\Temp\isp-Draslarova-stazeno-1-10-2018.pdf"
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" --type=renderer "C:\Users\admin\AppData\Local\Temp\isp-Draslarova-stazeno-1-10-2018.pdf"
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --locale=cs_cz --backgroundcolor=16514043
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=3B7ECE44D944F90D69DE06661249D983 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.8.20071 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=3B7ECE44D944F90D69DE06661249D983 --renderer-client-id=5 
--mojo-platform-channel-handle=1288 --allow-no-sandbox-job /prefetch:1
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=F20974D646F064D8415A39E524633E55 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.8.20071 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=F20974D646F064D8415A39E524633E55 --renderer-client-id=10 
--mojo-platform-channel-handle=1520 --allow-no-sandbox-job /prefetch:1
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5472.118.1640165104\1454873832" -childID 17 -isForBrowser -prefsHandle 6392 -prefsLen 11870 -schedulerPrefs 0001,2 -parentBuildID 20181001155545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5472 "\\.\pipe\gecko-crash-server-pipe.5472" 3116 tab
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
C:\Windows\splwow64.exe 8192
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled -critical
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe" -START
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {423C5A9F-7023-4D61-8B4B-69D58704FD27}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\admin\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1235678525-1039047479-1949144739-1000Core.job - C:\Users\admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-1235678525-1039047479-1949144739-1000UA.job - C:\Users\admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\d9t8npmo.default-1539031801572

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 31.0.0.108 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.181.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.181.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 31.0.0.108 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-10-06 480120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-10-31 586936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-10-06 194424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TpShocks"=C:\Windows\SYSTEM32\TpShocks.exe [2014-02-17 384344]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2014-01-28 297008]
"AcWin7Hlpr"=C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [2015-06-08 63728]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-13 13653208]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-30 1321688]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-09-05 242392]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2018-08-23 301880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart []
"OscarEditor"=C:\Program Files (x86)\G9G11_ScreenCapture\ScreenCapture.exe [2012-05-18 3538944]
"f.lux"=C:\Users\admin\AppData\Local\FluxSoftware\Flux\flux.exe [2018-07-03 1806344]
"EpicScale"= []
"AirDroid 3"=C:\Program Files (x86)\AirDroid\AirDroid.exe /start []
"Dropbox Update"=C:\Users\admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05 143144]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize []
"CCleaner Smart Cleaning"=C:\Program Files (x86)\CCleaner\CCleaner64.exe [2018-09-19 18594760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-10-06 1454080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2014-02-24 3129560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eM Client]
C:\Program Files (x86)\eM Client\MailClient.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57]
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2018-09-15 1469784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2013-11-28 407536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2013-11-28 165872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2013-11-28 444400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018-07-28 781712]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-05-30 132920]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-07-18 292088]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-02-11 2239376]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2013-06-17 66560]
"PWMTRV"=rundll32 C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31 508656]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-07-07 601424]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\SYSTEM32\igfxdev.dll [2013-11-16 441344]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-10-23 22:11:40 ----D---- C:\rsit
2018-10-23 22:01:58 ----D---- C:\FRST
2018-10-21 19:51:13 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2018-10-21 19:51:04 ----A---- C:\Windows\system32\aswBoot.exe
2018-10-09 20:58:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-10-09 20:58:08 ----A---- C:\Windows\system32\mshtml.dll
2018-10-09 20:58:07 ----A---- C:\Windows\system32\wmp.dll
2018-10-09 20:58:06 ----A---- C:\Windows\SYSWOW64\wmp.dll
2018-10-09 20:58:06 ----A---- C:\Windows\system32\win32k.sys
2018-10-09 20:58:06 ----A---- C:\Windows\system32\ieframe.dll
2018-10-09 20:58:05 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-10-09 20:58:05 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-10-09 20:58:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-10-09 20:58:05 ----A---- C:\Windows\system32\urlmon.dll
2018-10-09 20:58:05 ----A---- C:\Windows\system32\termsrv.dll
2018-10-09 20:58:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-10-09 20:58:05 ----A---- C:\Windows\system32\msxml6.dll
2018-10-09 20:58:05 ----A---- C:\Windows\system32\drivers\ntfs.sys
2018-10-09 20:58:05 ----A---- C:\Windows\system32\diagtrack.dll
2018-10-09 20:58:04 ----A---- C:\Windows\SYSWOW64\themeui.dll
2018-10-09 20:58:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-10-09 20:58:04 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2018-10-09 20:58:04 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2018-10-09 20:58:04 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-10-09 20:58:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-10-09 20:58:04 ----A---- C:\Windows\SYSWOW64\itss.dll
2018-10-09 20:58:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-10-09 20:58:04 ----A---- C:\Windows\system32\themeui.dll
2018-10-09 20:58:04 ----A---- C:\Windows\system32\ntdll.dll
2018-10-09 20:58:04 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-10-09 20:58:04 ----A---- C:\Windows\system32\KernelBase.dll
2018-10-09 20:58:04 ----A---- C:\Windows\system32\itss.dll
2018-10-09 20:58:04 ----A---- C:\Windows\system32\iedkcs32.dll
2018-10-09 20:58:04 ----A---- C:\Windows\system32\gdi32.dll
2018-10-09 20:58:04 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-10-09 20:58:04 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2018-10-09 20:58:04 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2018-10-09 20:58:04 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-10-09 20:58:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-10-09 20:58:03 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-10-09 20:58:03 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-10-09 20:58:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-10-09 20:58:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-10-09 20:58:03 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2018-10-09 20:58:03 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-10-09 20:58:03 ----A---- C:\Windows\system32\wininet.dll
2018-10-09 20:58:03 ----A---- C:\Windows\system32\schannel.dll
2018-10-09 20:58:03 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-10-09 20:58:03 ----A---- C:\Windows\system32\jscript9.dll
2018-10-09 20:58:03 ----A---- C:\Windows\system32\hal.dll
2018-10-09 20:58:03 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-10-09 20:58:03 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-10-09 20:58:03 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-10-09 20:58:03 ----A---- C:\Windows\system32\certcli.dll
2018-10-09 20:58:03 ----A---- C:\Windows\system32\cdd.dll
2018-10-09 20:58:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-10-09 20:58:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-10-09 20:58:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-10-09 20:58:02 ----A---- C:\Windows\system32\vbscript.dll
2018-10-09 20:58:02 ----A---- C:\Windows\system32\rpcrt4.dll
2018-10-09 20:58:02 ----A---- C:\Windows\system32\msfeeds.dll
2018-10-09 20:58:02 ----A---- C:\Windows\system32\jscript.dll
2018-10-09 20:58:02 ----A---- C:\Windows\system32\ieui.dll
2018-10-09 20:58:02 ----A---- C:\Windows\system32\iertutil.dll
2018-10-09 20:58:02 ----A---- C:\Windows\system32\ieapfltr.dll
2018-10-09 20:58:01 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-10-09 20:58:01 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-10-09 20:58:01 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-10-09 20:58:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-10-09 20:58:01 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-10-09 20:58:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-10-09 20:58:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-10-09 20:58:01 ----A---- C:\Windows\system32\webcheck.dll
2018-10-09 20:58:01 ----A---- C:\Windows\system32\UtcResources.dll
2018-10-09 20:58:01 ----A---- C:\Windows\system32\smss.exe
2018-10-09 20:58:01 ----A---- C:\Windows\system32\occache.dll
2018-10-09 20:58:01 ----A---- C:\Windows\system32\msrating.dll
2018-10-09 20:58:01 ----A---- C:\Windows\system32\mshtmled.dll
2018-10-09 20:58:01 ----A---- C:\Windows\system32\lsasrv.dll
2018-10-09 20:58:01 ----A---- C:\Windows\system32\jsproxy.dll
2018-10-09 20:58:01 ----A---- C:\Windows\system32\jscript9diag.dll
2018-10-09 20:58:01 ----A---- C:\Windows\system32\dxtrans.dll
2018-10-09 20:58:01 ----A---- C:\Windows\system32\dxtmsft.dll
2018-10-09 20:58:01 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\itircl.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2018-10-09 20:58:00 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\wow64win.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\wow64.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\winsrv.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\wdigest.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\TSpkg.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\sspicli.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\srcore.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\spwmp.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\rpchttp.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\ncrypt.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\msv1_0.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\kernel32.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\kerberos.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\itircl.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\inseng.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\ieUnatt.exe
2018-10-09 20:58:00 ----A---- C:\Windows\system32\iesetup.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\iernonce.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-10-09 20:58:00 ----A---- C:\Windows\system32\ie4uinit.exe
2018-10-09 20:58:00 ----A---- C:\Windows\system32\dxmasf.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\drivers\processr.sys
2018-10-09 20:58:00 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-10-09 20:58:00 ----A---- C:\Windows\system32\drivers\intelppm.sys
2018-10-09 20:58:00 ----A---- C:\Windows\system32\drivers\amdk8.sys
2018-10-09 20:58:00 ----A---- C:\Windows\system32\csrsrv.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\conhost.exe
2018-10-09 20:58:00 ----A---- C:\Windows\system32\bcrypt.dll
2018-10-09 20:58:00 ----A---- C:\Windows\system32\advapi32.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-10-09 20:57:59 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\user.exe
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-10-09 20:57:59 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-10-09 20:57:59 ----A---- C:\Windows\system32\wow64cpu.dll
2018-10-09 20:57:59 ----A---- C:\Windows\system32\wmploc.DLL
2018-10-09 20:57:59 ----A---- C:\Windows\system32\sspisrv.dll
2018-10-09 20:57:59 ----A---- C:\Windows\system32\srclient.dll
2018-10-09 20:57:59 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-10-09 20:57:59 ----A---- C:\Windows\system32\secur32.dll
2018-10-09 20:57:59 ----A---- C:\Windows\system32\rstrui.exe
2018-10-09 20:57:59 ----A---- C:\Windows\system32\ntvdm64.dll
2018-10-09 20:57:59 ----A---- C:\Windows\system32\lsass.exe
2018-10-09 20:57:59 ----A---- C:\Windows\system32\drivers\appid.sys
2018-10-09 20:57:59 ----A---- C:\Windows\system32\drivers\amdppm.sys
2018-10-09 20:57:59 ----A---- C:\Windows\system32\cryptbase.dll
2018-10-09 20:57:59 ----A---- C:\Windows\system32\credssp.dll
2018-10-09 20:57:59 ----A---- C:\Windows\system32\auditpol.exe
2018-10-09 20:57:59 ----A---- C:\Windows\system32\appidsvc.dll
2018-10-09 20:57:59 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-10-09 20:57:59 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-10-09 20:57:59 ----A---- C:\Windows\system32\appidapi.dll
2018-10-09 20:57:59 ----A---- C:\Windows\system32\apisetschema.dll
2018-10-09 20:57:59 ----A---- C:\Windows\system32\aeinv.dll
2018-10-09 20:57:58 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2018-10-09 20:57:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-10-09 20:57:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-10-09 20:57:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-10-09 20:57:58 ----A---- C:\Windows\system32\msxml6r.dll
2018-10-09 20:57:58 ----A---- C:\Windows\system32\msobjs.dll
2018-10-09 20:57:58 ----A---- C:\Windows\system32\msaudite.dll
2018-10-09 20:57:58 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-10-09 20:57:58 ----A---- C:\Windows\system32\adtschema.dll
2018-10-06 10:59:15 ----D---- C:\Program Files\iPod
2018-10-06 10:59:02 ----D---- C:\Program Files\iTunes
2018-10-06 10:55:29 ----D---- C:\Program Files (x86)\Microsoft
2018-10-06 10:54:59 ----D---- C:\Users\admin\AppData\Roaming\Sun

======List of files/folders modified in the last 1 month======

2018-10-23 22:15:10 ----D---- C:\Program Files\trend micro
2018-10-23 22:14:17 ----D---- C:\Users\admin\AppData\Roaming\uTorrent
2018-10-23 22:13:37 ----D---- C:\Windows\Temp
2018-10-23 22:12:27 ----D---- C:\Windows\system32\config
2018-10-23 22:11:43 ----D---- C:\Windows\system32\drivers\etc
2018-10-23 22:03:21 ----D---- C:\Windows
2018-10-23 22:00:35 ----D---- C:\Users\admin\AppData\Roaming\vlc
2018-10-21 19:51:14 ----D---- C:\Windows\system32\Tasks
2018-10-21 19:51:13 ----D---- C:\Windows\system32\drivers
2018-10-21 19:51:04 ----D---- C:\Windows\System32
2018-10-21 19:50:59 ----D---- C:\ProgramData\AVAST Software
2018-10-21 18:49:27 ----SHD---- C:\System Volume Information
2018-10-13 23:52:09 ----D---- C:\ProgramData\Lenovo
2018-10-13 23:45:33 ----D---- C:\Windows\inf
2018-10-13 23:45:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-10-12 03:58:36 ----D---- C:\Windows\rescache
2018-10-12 03:22:10 ----D---- C:\Windows\winsxs
2018-10-12 03:21:06 ----D---- C:\Windows\SYSWOW64\en-US
2018-10-12 03:21:06 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-10-12 03:21:06 ----D---- C:\Windows\SysWOW64
2018-10-12 03:21:06 ----D---- C:\Windows\system32\en-US
2018-10-12 03:21:06 ----D---- C:\Windows\system32\cs-CZ
2018-10-12 03:21:06 ----D---- C:\Program Files\Windows Media Player
2018-10-12 03:21:06 ----D---- C:\Program Files\Internet Explorer
2018-10-12 03:21:06 ----D---- C:\Program Files (x86)\Windows Media Player
2018-10-12 03:21:06 ----D---- C:\Program Files (x86)\Internet Explorer
2018-10-12 03:21:05 ----D---- C:\Windows\system32\DriverStore
2018-10-12 03:21:05 ----D---- C:\Windows\system32\Boot
2018-10-12 03:21:05 ----D---- C:\Windows\AppPatch
2018-10-12 03:04:09 ----D---- C:\Windows\system32\MRT
2018-10-12 03:00:48 ----D---- C:\Windows\debug
2018-10-12 03:00:36 ----AC---- C:\Windows\system32\MRT.exe
2018-10-11 07:14:22 ----SHD---- C:\Windows\Installer
2018-10-10 23:44:41 ----D---- C:\Users\admin\AppData\Roaming\Dropbox
2018-10-09 20:53:53 ----D---- C:\Windows\system32\catroot2
2018-10-09 07:22:29 ----HD---- C:\ProgramData
2018-10-09 07:22:29 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-09 07:22:29 ----D---- C:\Program Files (x86)\Mozilla Firefox
2018-10-08 22:55:10 ----D---- C:\Program Files
2018-10-08 22:53:58 ----D---- C:\Windows\Panther
2018-10-08 22:53:58 ----D---- C:\Windows\ModemLogs
2018-10-08 22:53:58 ----D---- C:\Windows\Minidump
2018-10-08 22:53:58 ----D---- C:\Windows\Logs
2018-10-08 22:15:38 ----RD---- C:\Program Files (x86)
2018-10-06 14:53:51 ----D---- C:\Program Files\WinRAR
2018-10-06 10:55:42 ----D---- C:\Users\admin\AppData\Roaming\Skype
2018-10-06 10:55:40 ----SD---- C:\Users\admin\AppData\Roaming\Microsoft
2018-10-06 10:55:29 ----D---- C:\ProgramData\Skype
2018-10-06 10:55:28 ----RD---- C:\Program Files (x86)\Skype
2018-10-06 10:55:28 ----D---- C:\Program Files (x86)\Common Files
2018-10-06 10:54:32 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2018-10-06 10:54:11 ----D---- C:\Program Files (x86)\Java
2018-10-06 10:53:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-10-06 10:53:25 ----D---- C:\Windows\system32\Macromed
2018-10-06 10:53:16 ----D---- C:\Windows\SYSWOW64\Macromed
2018-09-25 07:17:19 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-10-21 201928]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-10-21 346760]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-10-21 59664]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-10-21 88112]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-10-21 381144]
R0 DzHDD64;DzHDD64; C:\Windows\System32\DRIVERS\DzHDD64.sys [2016-04-14 29512]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-05-30 569152]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-02 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-02 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-07-18 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2014-01-29 152888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2014-01-29 29496]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-10-21 201408]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-10-21 230512]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-10-21 185240]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-10-21 111968]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-10-21 1028840]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-10-21 467904]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2018-06-29 516096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-05-27 283064]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2016-04-14 29008]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-10-21 163376]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-10-21 208640]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2014-08-19 36600]
R2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2011-05-25 101888]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2013-08-21 494864]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2016-09-06 82232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-11-16 4447616]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-09-13 3641688]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-11-16 449496]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-07-18 358896]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-07-18 795632]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2013-11-11 25528]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-05-13 64624]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwsw01.sys [2015-05-04 11534096]
R3 RCUVCAVS;Ricoh UVC AVStream driver; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [2013-07-05 177920]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-11-15 45296]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-11-15 461040]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 usb3Hub;UoIP Hub; C:\Windows\system32\DRIVERS\usb3Hub.sys [2013-06-20 206744]
S1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2018-10-21 42456]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-10-21 47064]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-01-21 44640]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-03-27 170200]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-12-04 598808]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-03-06 210984]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
S3 cmnxusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s 20140303; C:\Windows\system32\DRIVERS\cmnxusbser.sys [2015-11-24 146424]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-11-11 35256]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 tap-tb-0901;TunnelBear Adapter V9; C:\Windows\system32\DRIVERS\tap-tb-0901.sys [2014-08-12 38656]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tvtvcamd;Camera Plus (VGA Resolution Maximum); C:\Windows\system32\DRIVERS\tvtvcamd.sys [2013-09-26 27432]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2018-05-04 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [2015-06-08 133360]
R2 AcSvc;AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [2015-06-08 276720]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-08-14 83984]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-07-05 83768]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-09-05 322464]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2013-05-14 1008344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTService;CTService; C:\Program Files (x86)\Cold Turkey\\CTService.exe [2015-01-18 324096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2016-02-08 640928]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2016-09-06 180736]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-05-30 167736]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2014-01-28 59952]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2015-11-26 110248]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2014-01-28 74288]
R2 LENOVO.TVTVCAM;Lenovo Virtual Camera Controller; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-01-28 198704]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2014-07-08 115184]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-30 364856]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2016-02-08 157088]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2016-03-11 133136]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2015-05-29 126408]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-09-05 7994520]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2018-08-23 659768]
R3 Power Manager DBC Service;Power Manager Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2016-04-14 1668776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 LPlatSvc;Lenovo Platform Service; C:\Windows\system32\LPlatSvc.exe [2016-09-06 710144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-06 335872]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-28 279024]
S3 DozeSvc;Lenovo Doze Mode Service; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2016-04-14 326160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-09-18 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2016-06-02 273232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-10-07 196048]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2016-02-08 268192]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2016-09-10 28544]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2014-01-29 49976]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15670
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Avast keeps reporting without cleaning + slow computer

#3 Post by JaRon »

Hi,
just minor junk - use ADWCleaner
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

konias_cz
Visitor
Posts: 20
Registered: 01 Jun 2008 14:37

Re: Avast keeps reporting without cleaning + slow computer

#4 Post by konias_cz »

Great. Thanks a lot

JaRon
Moderator
Posts: 15670
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Avast keeps reporting without cleaning + slow computer

#5 Post by JaRon »

You're welcome :)

Locked