Poprosim o kontrolu .

Zpráva

uzivatel 123 · #1 Příspěvek od **uzivatel 123** » 01 srp 2014 13:04

Zdravim,

V poslednej dobe sa mi strasne zpomalil v podstate novy PC ,poprosim ak by ste sa mohli na to pozriet ,bol by som velmi vdacny .)

log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by ThinkPad at 2014-08-01 13:42:34
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 241 GB (50%) free of 477 GB
Total RAM: 3662 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:43:09, on 1. 8. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.60\opera_crashreporter.exe
C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe
C:\Program Files\trend micro\ThinkPad.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 5.79.79.150 pagead2.googlesyndication.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [PWMTRV] rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [E-MU USB Audio Control Panel] "C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Skype Click to Call PNR Service (c2cpnrsvc) - Unknown owner - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: E-MU Audio Service (emaudsv) - Unknown owner - C:\Windows\system32\emaudsv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: ThinkVantage Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: Power Manager Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: ValBioService - Validity Sensors, Inc. - C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13824 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=74ef7148-e227-4264-97ef-f01ba6aa4e7e /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\fa9eae12-3ae4-447f-aaae-586dd5b79128-244-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-10d404d0-d3da-49c1-add6-d0240178c795 -SystemEventPortName:HostProcess-5c16838e-b422-420f-802e-17fd4742e950 -IoCancelEventPortName:HostProcess-ea30d2c5-8f63-40c6-85b5-a719e86220b1 -NonStateChangingEventPortName:HostProcess-4975bae7-6b7c-4f8b-844f-81011351304b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5d6b4fcf-ce9f-4fa9-be57-2ac14d3633e6 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 28064752
\??\C:\Windows\system32\conhost.exe "-2003850056-16149411224250910071069443774-16952164991392074367-1319767351866117094
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
C:\Windows\system32\emaudsv.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
"taskhost.exe"
"C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\SysWOW64\SAsrv.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe"
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe
C:\Windows\system32\valWBFPolicyService.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe" ytidilav
\??\C:\Windows\system32\conhost.exe "378854798-18853435867588203-615961179-14733246151719151754-7786512741229197736
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
WLIDSvcM.exe 4004
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
ctfmon.exe
"C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=ca8ef010-7a00-4f4b-8de0-6a6e4dd2dc5b /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\6ae7c71c-768c-4c2c-b283-01024d168622-934-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
taskmgr.exe /3
"C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe" --ran-launcher /crash-reporter-parent-id=6636
"C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe" --type=gpu-process --channel="6636.0.1137503825\329156257" --crash-reporter-pid=7932 --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,16 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2843 --crash-reporter-pid=7932 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --extension-process --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=7932 --enable-threaded-compositing --enable-delegated-renderer --channel="6636.2.618065342\1716725832" /prefetch:673131151
"C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=7932 --enable-threaded-compositing --enable-delegated-renderer --channel="6636.3.755680015\1826919401" /prefetch:673131151
"C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=7932 --enable-threaded-compositing --enable-delegated-renderer --channel="6636.4.1177796439\805041768" /prefetch:673131151
"C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=7932 --enable-threaded-compositing --enable-delegated-renderer --channel="6636.11.802977786\911607700" /prefetch:673131151
"C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" --disable-direct-npapi-requests --lang=sk --channel="6636.12.664334181\2121168395" --crash-reporter-pid=7932 /prefetch:-390060480
C:\Windows\system32\AUDIODG.EXE 0xc4c
"taskhost.exe"
"C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=7932 --enable-threaded-compositing --enable-delegated-renderer --channel="6636.18.495329495\230252288" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe85_ Global\UsGthrCtrlFltPipeMssGthrPipe85 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Users\ThinkPad\Downloads\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8d6d88815135.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2013-10-25 295720]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2013-11-29 384344]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2012-06-14 887968]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-06-01 184112]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2012-06-18 11586944]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-02-24 2809072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"E-MU USB Audio Control Panel"=C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe [2007-11-26 274432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-02 21648480]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-21 291648]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31 508144]
"PWMTRV"=rundll32 C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-07-10 5187088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-25 441856]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"midi4"=wdmaud.drv
"midi5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-08-01 13:42:35 ----D---- C:\Program Files\trend micro
2014-08-01 13:42:34 ----D---- C:\rsit
2014-07-31 11:14:16 ----A---- C:\Windows\system32\wups2.dll
2014-07-31 11:14:16 ----A---- C:\Windows\system32\wucltux.dll
2014-07-31 11:14:16 ----A---- C:\Windows\system32\wuaueng.dll
2014-07-31 11:14:16 ----A---- C:\Windows\system32\wuauclt.exe
2014-07-31 11:14:06 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-07-31 11:14:06 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-07-31 11:14:06 ----A---- C:\Windows\system32\wuwebv.dll
2014-07-31 11:14:06 ----A---- C:\Windows\system32\wuapp.exe
2014-07-21 05:52:31 ----A---- C:\Windows\vm331Rmv.ini
2014-07-21 05:52:31 ----A---- C:\Windows\SYSWOW64\vm331Rmv.ini
2014-07-21 05:52:31 ----A---- C:\Windows\system32\drivers\vm331avs.sys
2014-07-17 18:08:42 ----D---- C:\ProgramData\Caphyon
2014-07-17 18:08:36 ----D---- C:\Program Files\Common Files\Avid
2014-07-17 17:15:13 ----D---- C:\Users\ThinkPad\AppData\Roaming\Flux
2014-07-17 17:00:26 ----D---- C:\Program Files (x86)\Flux
2014-07-13 21:08:41 ----A---- C:\Windows\system32\VmCoinst.dll
2014-07-13 21:07:58 ----D---- C:\DRIVERS
2014-07-10 11:07:26 ----A---- C:\Windows\system32\win32k.sys
2014-07-10 11:07:25 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-10 11:07:25 ----A---- C:\Windows\system32\osk.exe
2014-07-10 11:07:23 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-10 11:07:23 ----A---- C:\Windows\system32\qedit.dll
2014-07-10 11:07:22 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-10 11:07:12 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-10 11:07:12 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-10 11:07:12 ----A---- C:\Windows\system32\schannel.dll
2014-07-10 11:07:12 ----A---- C:\Windows\system32\kerberos.dll
2014-07-10 11:07:11 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-10 11:07:11 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-10 11:07:11 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-10 11:07:11 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-10 11:07:11 ----A---- C:\Windows\system32\wdigest.dll
2014-07-10 11:07:11 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-10 11:07:11 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-10 11:07:11 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-10 11:07:10 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-10 11:07:10 ----A---- C:\Windows\system32\credssp.dll
2014-07-10 11:06:51 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-10 11:06:51 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-10 11:06:51 ----A---- C:\Windows\system32\iernonce.dll
2014-07-10 11:06:50 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-10 11:06:50 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-10 11:06:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-10 11:06:49 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-10 11:06:49 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-10 11:06:49 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-10 11:06:49 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-10 11:06:49 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 11:06:49 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-10 11:06:49 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-10 11:06:47 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-10 11:06:47 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-10 11:06:47 ----A---- C:\Windows\system32\urlmon.dll
2014-07-10 11:06:46 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-10 11:06:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-10 11:06:46 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 11:06:45 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-10 11:06:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-10 11:06:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-10 11:06:45 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-10 11:06:45 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-10 11:06:45 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-10 11:06:44 ----A---- C:\Windows\system32\iesetup.dll
2014-07-10 11:06:44 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-10 11:06:43 ----A---- C:\Windows\system32\iertutil.dll
2014-07-10 11:06:42 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-10 11:06:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-10 11:06:42 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-10 11:06:41 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-10 11:06:41 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-10 11:06:41 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-10 11:06:41 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-10 11:06:41 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-10 11:06:41 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-10 11:06:39 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-10 11:06:38 ----A---- C:\Windows\system32\ieui.dll
2014-07-10 11:06:38 ----A---- C:\Windows\system32\ieframe.dll
2014-07-10 11:06:37 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-10 11:06:37 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-10 11:06:37 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-10 11:06:37 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-10 11:06:36 ----A---- C:\Windows\system32\vbscript.dll
2014-07-10 11:06:36 ----A---- C:\Windows\system32\jscript9.dll
2014-07-10 11:06:35 ----A---- C:\Windows\system32\wininet.dll
2014-07-10 11:06:35 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-10 11:06:34 ----A---- C:\Windows\system32\msrating.dll
2014-07-10 11:06:34 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-10 11:06:33 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 11:06:33 ----A---- C:\Windows\system32\mshtml.dll
2014-07-10 11:06:15 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-10 11:06:14 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-10 11:06:14 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-09 12:50:00 ----D---- C:\Users\ThinkPad\AppData\Roaming\AVG
2014-07-09 12:49:14 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-07-09 12:49:13 ----D---- C:\ProgramData\AVG
2014-07-09 12:37:50 ----D---- C:\Users\ThinkPad\AppData\Roaming\AVG2014
2014-07-09 12:36:56 ----D---- C:\Users\ThinkPad\AppData\Roaming\TuneUp Software
2014-07-09 12:36:38 ----HD---- C:\$AVG
2014-07-09 12:36:38 ----D---- C:\ProgramData\AVG2014
2014-07-09 12:36:28 ----D---- C:\Program Files (x86)\AVG
2014-07-09 12:34:13 ----HD---- C:\ProgramData\Common Files
2014-07-09 12:34:13 ----D---- C:\ProgramData\MFAData
2014-07-08 15:56:52 ----D---- C:\Users\ThinkPad\AppData\Roaming\Sample Magic
2014-07-07 18:24:24 ----AD---- C:\ProgramData\PACE
2014-07-07 18:21:15 ----D---- C:\Program Files (x86)\iLok License Manager
2014-06-30 12:43:02 ----A---- C:\Windows\system32\drivers\avgdiska.sys
2014-06-21 03:10:49 ----D---- C:\Program Files (x86)\ASIO4ALL v2
2014-06-17 16:21:34 ----A---- C:\Windows\system32\drivers\avgldx64.sys
2014-06-17 16:07:12 ----A---- C:\Windows\system32\drivers\avgloga.sys
2014-06-17 16:06:58 ----A---- C:\Windows\system32\drivers\avgtdia.sys
2014-06-17 16:06:24 ----A---- C:\Windows\system32\drivers\avgidsha.sys
2014-06-17 16:06:22 ----A---- C:\Windows\system32\drivers\avgidsdrivera.sys
2014-06-17 16:06:20 ----A---- C:\Windows\system32\drivers\avgmfx64.sys
2014-06-17 16:06:06 ----A---- C:\Windows\system32\drivers\avgrkx64.sys
2014-06-11 08:01:23 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-06-11 08:01:23 ----A---- C:\Windows\system32\usp10.dll
2014-06-11 08:01:23 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-11 08:01:22 ----A---- C:\Windows\system32\msxml6.dll
2014-06-11 08:01:22 ----A---- C:\Windows\system32\msxml3.dll
2014-06-11 08:01:22 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 08:01:21 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-06-11 08:01:21 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-06-11 08:01:21 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-06-11 08:01:21 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-06-11 08:01:21 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-11 08:01:21 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-11 08:01:20 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 08:01:20 ----A---- C:\Windows\system32\rdpcorets.dll
2014-06-10 13:44:32 ----D---- C:\Program Files (x86)\Opera
2014-06-09 14:06:29 ----D---- C:\Users\ThinkPad\AppData\Roaming\Adobe
2014-05-22 21:29:59 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-05-22 21:29:59 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2014-05-22 19:40:05 ----D---- C:\Users\ThinkPad\AppData\Roaming\Opera Software
2014-05-17 13:44:36 ----HDC---- C:\ProgramData\{13A9B825-42CB-4973-913D-2194B5A4CF94}
2014-05-14 08:39:36 ----A---- C:\Windows\system32\shell32.dll
2014-05-14 08:39:35 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-14 08:39:30 ----A---- C:\Windows\system32\aepdu.dll
2014-05-14 08:39:29 ----A---- C:\Windows\system32\aeinv.dll
2014-05-14 08:39:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-14 08:39:14 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-14 08:39:14 ----A---- C:\Windows\system32\winlogon.exe
2014-05-14 08:39:14 ----A---- C:\Windows\system32\objsel.dll
2014-05-14 08:39:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-14 08:39:13 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-14 08:39:13 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-14 08:39:12 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-14 08:39:12 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-14 08:39:11 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-14 08:39:11 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-14 08:39:11 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-14 08:39:11 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-14 08:39:11 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-14 08:39:11 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-14 08:39:11 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-14 08:39:11 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-14 08:39:11 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-14 08:39:11 ----A---- C:\Windows\system32\adprovider.dll
2014-05-14 08:39:10 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-14 08:39:10 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-14 08:39:10 ----A---- C:\Windows\system32\sspicli.dll
2014-05-14 08:39:10 ----A---- C:\Windows\system32\lsass.exe
2014-05-14 08:39:10 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-14 08:39:09 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-14 08:39:09 ----A---- C:\Windows\system32\secur32.dll
2014-05-11 19:02:59 ----D---- C:\zaloha kluc usb
2014-05-07 03:00:27 ----SD---- C:\Windows\system32\CompatTel

======List of files/folders modified in the last 3 months======

2014-08-01 13:42:35 ----RD---- C:\Program Files
2014-08-01 13:41:52 ----D---- C:\Windows\Temp
2014-08-01 11:29:54 ----D---- C:\Audio
2014-08-01 11:17:15 ----D---- C:\Images
2014-08-01 10:21:47 ----D---- C:\Users\ThinkPad\AppData\Roaming\Skype
2014-08-01 09:13:23 ----D---- C:\Windows\system32\config
2014-08-01 01:14:24 ----A---- C:\Windows\SYSWOW64\log.txt
2014-07-31 17:47:51 ----D---- C:\Edits
2014-07-31 17:23:30 ----D---- C:\Users\ThinkPad\AppData\Roaming\uTorrent
2014-07-31 11:14:40 ----D---- C:\Windows\System32
2014-07-31 11:14:37 ----D---- C:\Windows\SysWOW64
2014-07-31 11:14:36 ----D---- C:\Windows\winsxs
2014-07-31 11:14:35 ----D---- C:\Windows\system32\sk-SK
2014-07-31 11:14:23 ----D---- C:\Windows\system32\catroot2
2014-07-31 11:14:23 ----D---- C:\Windows\system32\catroot
2014-07-30 23:43:51 ----D---- C:\Windows\Prefetch
2014-07-30 22:21:34 ----D---- C:\Windows\inf
2014-07-30 22:21:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-27 02:20:50 ----HD---- C:\ProgramData
2014-07-27 02:20:50 ----D---- C:\Program Files (x86)\Common Files
2014-07-26 22:49:10 ----D---- C:\Windows\rescache
2014-07-26 16:27:25 ----D---- C:\Users\ThinkPad\AppData\Roaming\Winamp
2014-07-26 04:17:06 ----D---- C:\Windows\Minidump
2014-07-26 04:17:01 ----D---- C:\Windows
2014-07-25 15:09:02 ----D---- C:\Windows\SoftwareDistribution
2014-07-25 12:06:31 ----SD---- C:\ProgramData\Microsoft
2014-07-24 21:43:13 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-24 21:43:12 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 17:23:16 ----SHD---- C:\Windows\Installer
2014-07-22 13:47:40 ----D---- C:\Windows\system32\Tasks
2014-07-21 07:50:43 ----RSD---- C:\Windows\Fonts
2014-07-21 05:52:41 ----D---- C:\Windows\system32\drivers
2014-07-21 05:52:41 ----D---- C:\Windows\system
2014-07-21 05:52:41 ----D---- C:\Program Files (x86)\USB Camera
2014-07-21 05:52:39 ----D---- C:\Windows\system32\DriverStore
2014-07-18 17:52:50 ----D---- C:\Windows\system32\NDF
2014-07-17 18:08:36 ----D---- C:\Program Files\Common Files
2014-07-17 17:08:45 ----D---- C:\Program Files (x86)\Steinberg
2014-07-17 17:00:26 ----RD---- C:\Program Files (x86)
2014-07-13 21:16:30 ----D---- C:\ProgramData\Skype
2014-07-13 21:16:24 ----RD---- C:\Program Files (x86)\Skype
2014-07-12 21:47:59 ----SD---- C:\Users\ThinkPad\AppData\Roaming\Microsoft
2014-07-11 20:41:58 ----D---- C:\Windows\debug
2014-07-10 16:58:55 ----D---- C:\Windows\Tasks
2014-07-10 15:50:21 ----D---- C:\Program Files\Windows Journal
2014-07-10 15:50:20 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-10 15:50:20 ----D---- C:\Windows\system32\Dism
2014-07-10 15:50:18 ----D---- C:\Windows\system32\en-US
2014-07-10 15:50:18 ----D---- C:\Windows\ehome
2014-07-10 15:50:17 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-10 15:50:17 ----D---- C:\Program Files\Internet Explorer
2014-07-10 15:50:14 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-10 14:20:08 ----D---- C:\Windows\system32\MRT
2014-07-10 14:16:15 ----A---- C:\Windows\system32\MRT.exe
2014-07-10 14:15:35 ----D---- C:\ProgramData\Microsoft Help
2014-07-09 12:59:19 ----HDC---- C:\ProgramData\{BF329843-149E-4A5A-82A1-0250286442D0}
2014-07-09 12:59:19 ----HDC---- C:\ProgramData\{4275E5EA-6E30-48EB-A209-F964539CBE1C}
2014-07-09 12:48:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-07 18:21:55 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-06-26 18:14:40 ----D---- C:\Killing Floor New 2
2014-06-25 15:08:16 ----D---- C:\Program Files (x86)\PokerStars
2014-06-17 11:39:10 ----D---- C:\VISUAL DEPARTMENT
2014-06-15 12:26:26 ----D---- C:\Windows\system32\wdi
2014-06-13 09:06:11 ----D---- C:\ProgramData\YTD Video Downloader
2014-06-12 21:06:50 ----D---- C:\Program Files (x86)\Google
2014-06-05 13:04:42 ----D---- C:\Program Files (x86)\Adobe
2014-06-05 12:47:08 ----SHD---- C:\System Volume Information
2014-06-03 18:19:49 ----D---- C:\Windows\system32\drivers\UMDF
2014-06-03 15:58:21 ----D---- C:\AUDIO DEPARTMENT
2014-06-02 11:50:59 ----D---- C:\Windows\system32\drivers\etc
2014-06-02 10:31:54 ----D---- C:\ProgramData\Pinnacle
2014-06-02 10:31:54 ----D---- C:\Program Files (x86)\Pinnacle
2014-05-28 23:17:29 ----D---- C:\Users\ThinkPad\AppData\Roaming\DAEMON Tools Lite
2014-05-15 03:30:58 ----D---- C:\Windows\Microsoft.NET
2014-05-15 03:30:45 ----RSD---- C:\Windows\assembly
2014-05-15 03:20:36 ----D---- C:\Windows\PolicyDefinitions
2014-05-07 18:13:39 ----D---- C:\Users\ThinkPad\AppData\Roaming\FabFilter

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-06-17 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-06-12 568640]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2013-11-29 152888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2013-11-29 29496]
R0 Tpkd;Tpkd; C:\Windows\system32\drivers\Tpkd.sys [2013-04-11 106704]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-30 152344]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-06-17 242968]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-06-17 235800]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-06-17 269080]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-29 283064]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2013-12-09 20736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-07-18 198144]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2012-09-20 1609376]
R3 emusba10;E-MU USB-Audio 1.0 Driver; C:\Windows\system32\DRIVERS\emusba10.sys [2007-11-26 213272]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2013-11-07 54528]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-08-25 9000256]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-03 62784]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwsw00.sys [2012-09-30 11523072]
R3 RDID1027;PCR; C:\Windows\system32\Drivers\rdwm1027.sys [2009-09-18 81920]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2013-05-16 288840]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-13 726160]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-02-24 31472]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-02-24 552176]
R3 tvtvcamd;Camera Plus (VGA Resolution Maximum); C:\Windows\system32\DRIVERS\tvtvcamd.sys [2011-12-08 27432]
R3 vm331avs;Digital Camera 1; C:\Windows\System32\Drivers\vm331avs.sys [2013-04-30 1049984]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2012-07-18 198144]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2012-05-21 111104]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2012-06-09 849408]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 57840]
S3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2012-07-09 60928]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-18 659472]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-07-10 3244048]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-07-10 289328]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-06-18 1095616]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-06-18 1333184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-06-18 1124288]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 emaudsv;E-MU Audio Service; C:\Windows\system32\emaudsv.exe [2007-11-26 25600]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-08-23 629040]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2013-11-07 66856]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-19 634632]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-20 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-20 166720]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2013-10-25 58664]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2013-06-24 110072]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-10-25 73000]
R2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2013-10-25 197928]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-10 136288]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-20 277824]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 PaceLicenseDServices;PACE License Services; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2014-01-16 17191840]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-08-23 149296]
R2 SAService;Conexant SmartAudio service; C:\Windows\system32\SAsrv.exe []
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2013-06-20 125432]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2013-06-20 125504]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-20 365376]
R2 ValBioService;ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [2013-10-28 22872]
R2 valWBFPolicyService;Validity WBF Policy Service; C:\Windows\system32\valWBFPolicyService.exe [2013-10-28 40848]
R3 Power Manager DBC Service;Power Manager Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2013-12-09 1669976]
S2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe /service []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2012-06-08 201376]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-08-26 276288]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-08-23 272688]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2013-12-09 1664856]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-02-21 24120]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2013-11-29 47448]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-28 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 02 srp 2014 14:52

Zdravim

Odinstalujte Spybota a pokud neni zakoupene, tak doporucuji odinstalovat i AVG a nahradit ho treba Avastem.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

uzivatel 123 · #3 Příspěvek od **uzivatel 123** » 06 srp 2014 11:55

Zdravim Marty,

Dakujem za odpoved.

Nebol som par dni pri PC tak reagujem az teraz.

AVG som odstranil a Spybot odinstalovanie neviem najst nikde... ani cez Ccleaner mi nezobrazuje v odinstalacii.

tak som to zatial pustil cez ten AdwCleaner a vypada to takto :

# AdwCleaner v3.302 - Report created 06/08/2014 at 12:48:59
# Updated 30/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : ThinkPad - MATUS
# Running from : C:\Users\ThinkPad\Desktop\adwcleaner_3.302.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\GreenTree Applications

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\Software\AVG Secure Search

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207

*************************

AdwCleaner[R0].txt - [865 octets] - [06/08/2014 12:47:58]
AdwCleaner[S0].txt - [752 octets] - [06/08/2014 12:48:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [811 octets] ##########

#4 Příspěvek od **Márty84** » 07 srp 2014 08:26

uzivatel 123 píše:Spybot odinstalovanie neviem najst nikde

Jsou tam asi jen zbytky, smaznu je pak skriptem.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

uzivatel 123 · #5 Příspěvek od **uzivatel 123** » 07 srp 2014 12:42

kontrola MBAM vysla nejak takto

:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7. 8. 2014
Scan Time: 11:33:22
Logfile: mAM.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.07.01
Rootkit Database: v2014.08.04.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ThinkPad

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 509687
Time Elapsed: 2 hr, 4 min, 39 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 3
PUP.RiskwareTool.CK, C:\VISUAL DEPARTMENT\IllustratorPortable\App\Illustrator\Support Files\Contents\Windows\amtlib.dll, , [e1dc04bfe19ab87e217a22f4fc06e51b],
PUP.Optional.Installrex, C:\Users\ThinkPad\AppData\Roaming\Opera Software\Opera Stable\File System\001\t\00\00000000, , [3588c5fe69122b0b1f7740625ca5728e],
PUP.Optional.OpenCandy, C:\Users\ThinkPad\Downloads\FreemakeVideoConverterSetup.exe, , [813c13b02a515fd77c5b9f7816ebfa06],

Physical Sectors: 0
(No malicious items detected)

(end)

#6 Příspěvek od **Márty84** » 08 srp 2014 07:57

Nalezy doporucuji odstranit, pak MBAM odinstalujte.

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

uzivatel 123 · #7 Příspěvek od **uzivatel 123** » 08 srp 2014 09:36

Crystal disk info :

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2014/08/08 10:35:50

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- HGST HTS725050A7E630
- MATSHITA DVD-RAM UJ8C2

-- Disk List ---------------------------------------------------------------
(1) HGST HTS725050A7E630 : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) HGST HTS725050A7E630
----------------------------------------------------------------------------
Model : HGST HTS725050A7E630
Firmware : GH2ZB550
Serial Number : TF655AWHJDP9KL
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600
Power On Hours : 2066 hours
Power On Count : 1035 count
Temparature : 43 C (109 F)
Health Status : Good
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Read Error Rate
02 100 100 _40 000000000000 Throughput Performance
03 253 253 _33 001200000001 Spin-Up Time
04 100 100 __0 00000000054E Start/Stop Count
05 100 100 __5 000000000000 Reallocated Sectors Count
07 100 100 _67 000000000000 Seek Error Rate
08 100 100 _40 000000000000 Seek Time Performance
09 _96 _96 __0 000000000812 Power-On Hours
0A 100 100 _60 000000000000 Spin Retry Count
0C 100 100 __0 00000000040B Power Cycle Count
BF 100 100 __0 000000000000 G-Sense Error Rate
C0 100 100 __0 00002F51001D Power-off Retract Count
C1 _97 _97 __0 00000000820B Load/Unload Cycle Count
C2 139 139 __0 00340007002B Temperature
C4 100 100 __0 000000000000 Reallocation Event Count
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
DF 100 100 __0 000000000000 Load/Unload Retry Count

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 5446 3635 5748 5748 4A44 5039 4B4C
020: 0003 FFFF 0004 4748 325A 3530 3530 4847 5354 2048
030: 5453 3732 3530 3530 4137 3330 3330 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1F0E 1F0E 0006 004C 004C
080: 01FC 0028 346B 7D69 6163 BC49 BC49 6163 407F 002D
090: 002E 4080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 6003 6003 74DC 5000 CCA7
110: 7FE1 F373 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 2182 1CF1 FA00 4000 4000 2000 0007 0000
140: 0000 0802 0504 0000 0000 0000 0000 0000 0000 0000
150: 0000 0005 325A 4235 0000 0000 0000 5DBD 9C20 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 1FA5

#8 Příspěvek od **Márty84** » 08 srp 2014 17:55

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

uzivatel 123 · #9 Příspěvek od **uzivatel 123** » 09 srp 2014 20:32

Combofix log :

ComboFix 14-08-06.02 - ThinkPad . 08. 2014 18:58:26.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.3662.2271 [GMT 2:00]
Running from: c:\users\ThinkPad\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
/wow section - STAGE 6A
Proces nemôže získať prístup k súboru, pretože daný súbor práve používa iný proces.
Proces nemôže získať prístup k súboru, pretože daný súbor práve používa iný proces.
Proces nemôže získať prístup k súboru, pretože daný súbor práve používa iný proces.
Proces nemôže získať prístup k súboru, pretože daný súbor práve používa iný proces.
Proces nemôže získať prístup k súboru, pretože daný súbor práve používa iný proces.
Proces nemôže získať prístup k súboru, pretože daný súbor práve používa iný proces.
Proces nemôže získať prístup k súboru, pretože daný súbor práve používa iný proces.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
((((((((((((((((((((((((( Files Created from 2014-07-09 to 2014-08-09 )))))))))))))))))))))))))))))))
.
.
2014-08-09 19:23 . 2014-08-09 19:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-08 07:00 . 2014-08-08 07:00 -------- d-----w- c:\users\ThinkPad\AppData\Local\FluxSoftware
2014-08-08 06:35 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{64DB3F3C-2BB8-4E37-8A2A-9E0F8918F88F}\mpengine.dll
2014-08-07 09:31 . 2014-08-07 09:31 -------- d-----w- c:\programdata\Malwarebytes
2014-08-06 18:02 . 2014-08-06 18:02 -------- d-----w- c:\users\ThinkPad\AppData\Roaming\AVAST Software
2014-08-06 17:54 . 2014-08-06 17:56 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-06 17:54 . 2014-08-06 17:54 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-06 17:54 . 2014-08-06 17:54 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-06 17:54 . 2014-08-06 17:54 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-06 17:54 . 2014-08-06 17:54 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-06 17:54 . 2014-08-06 17:54 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-06 17:54 . 2014-08-06 17:54 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-06 17:54 . 2014-08-06 17:54 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-06 17:54 . 2014-08-06 17:54 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-06 17:54 . 2014-08-06 17:54 43152 ----a-w- c:\windows\avastSS.scr
2014-08-06 17:51 . 2014-08-06 17:51 -------- d-----w- c:\program files\AVAST Software
2014-08-06 16:09 . 2014-08-06 16:09 -------- d-----w- c:\program files (x86)\MixMeister BPM Analyzer
2014-08-06 11:35 . 2014-08-06 17:51 -------- d-----w- c:\programdata\AVAST Software
2014-08-06 10:59 . 2014-08-06 10:59 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-08-06 10:59 . 2014-08-06 10:58 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-06 10:58 . 2014-08-06 10:58 -------- d-----w- c:\program files (x86)\Java
2014-08-06 10:47 . 2014-08-06 10:49 -------- d-----w- C:\AdwCleaner
2014-08-06 10:05 . 2014-08-06 10:22 -------- d-----w- c:\users\ThinkPad\AppData\Roaming\Spesoft Text To MP3
2014-08-06 10:04 . 2014-08-06 10:12 -------- d-----w- c:\program files (x86)\Spesoft Text To MP3 Speaker
2014-08-01 11:42 . 2014-08-01 11:43 -------- d-----w- c:\program files\trend micro
2014-08-01 11:42 . 2014-08-01 11:43 -------- d-----w- C:\rsit
2014-07-21 03:52 . 2013-04-30 14:47 1049984 ----a-w- c:\windows\system32\drivers\vm331avs.sys
2014-07-17 18:22 . 2014-07-17 18:22 -------- d-----w- c:\users\ThinkPad\AppData\Local\Diagnostics
2014-07-17 16:08 . 2014-07-17 16:08 -------- d-----w- c:\programdata\Caphyon
2014-07-17 16:08 . 2014-07-17 16:08 -------- d-----w- c:\program files\Common Files\Avid
2014-07-17 16:08 . 2014-07-17 16:08 -------- d-----w- c:\program files (x86)\Common Files\Avid
2014-07-17 15:15 . 2014-07-17 16:10 -------- d-----w- c:\users\ThinkPad\AppData\Roaming\Flux
2014-07-17 15:00 . 2014-07-17 15:00 -------- d-----w- c:\program files (x86)\Flux
2014-07-16 07:49 . 2014-07-16 07:49 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2014-07-13 19:16 . 2014-07-13 19:16 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-07-13 19:08 . 2013-04-15 14:24 358912 ----a-w- c:\windows\system32\VmCoinst.dll
2014-07-13 19:07 . 2014-07-13 19:07 -------- d-----w- C:\DRIVERS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-23 08:52 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-10 12:16 . 2014-01-28 13:30 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-09 10:48 . 2014-01-29 05:59 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 10:48 . 2014-01-29 05:59 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-20 20:14 . 2014-07-10 09:06 266424 ----a-w- c:\windows\system32\iedkcs32.dll
2014-06-19 01:39 . 2014-07-10 09:06 23464448 ----a-w- c:\windows\system32\mshtml.dll
2014-06-19 01:06 . 2014-07-10 09:06 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-06-19 01:06 . 2014-07-10 09:06 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-06-19 00:48 . 2014-07-10 09:06 2768384 ----a-w- c:\windows\system32\iertutil.dll
2014-06-19 00:42 . 2014-07-10 09:06 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-06-19 00:42 . 2014-07-10 09:06 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-06-19 00:41 . 2014-07-10 09:06 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-06-19 00:41 . 2014-07-10 09:06 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-06-19 00:32 . 2014-07-10 09:06 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-06-19 00:31 . 2014-07-10 09:06 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-06-19 00:26 . 2014-07-10 09:06 598016 ----a-w- c:\windows\system32\ieui.dll
2014-06-19 00:24 . 2014-07-10 09:06 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-06-19 00:24 . 2014-07-10 09:06 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-06-19 00:23 . 2014-07-10 09:06 752640 ----a-w- c:\windows\system32\jscript9diag.dll
2014-06-19 00:14 . 2014-07-10 09:06 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-06-19 00:09 . 2014-07-10 09:06 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2014-06-18 23:59 . 2014-07-10 09:06 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-18 23:56 . 2014-07-10 09:06 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-06-18 23:53 . 2014-07-10 09:06 195584 ----a-w- c:\windows\system32\msrating.dll
2014-06-18 23:51 . 2014-07-10 09:06 5721088 ----a-w- c:\windows\system32\jscript9.dll
2014-06-18 23:50 . 2014-07-10 09:06 85504 ----a-w- c:\windows\system32\mshtmled.dll
2014-06-18 23:48 . 2014-07-10 09:06 292864 ----a-w- c:\windows\system32\dxtrans.dll
2014-06-18 23:39 . 2014-07-10 09:06 608768 ----a-w- c:\windows\system32\ie4uinit.exe
2014-06-18 23:38 . 2014-07-10 09:06 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-06-18 23:37 . 2014-07-10 09:06 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-06-18 23:36 . 2014-07-10 09:06 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35 . 2014-07-10 09:06 62464 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-06-18 23:33 . 2014-07-10 09:06 631808 ----a-w- c:\windows\system32\msfeeds.dll
2014-06-18 23:27 . 2014-07-10 09:06 1249280 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-06-18 23:27 . 2014-07-10 09:06 2040832 ----a-w- c:\windows\system32\inetcpl.cpl
2014-06-18 23:23 . 2014-07-10 09:06 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-06-18 23:22 . 2014-07-10 09:06 592896 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-06-18 23:06 . 2014-07-10 09:06 32256 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58 . 2014-07-10 09:06 2266112 ----a-w- c:\windows\system32\wininet.dll
2014-06-18 22:52 . 2014-07-10 09:06 4254720 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-06-18 22:51 . 2014-07-10 09:06 13527040 ----a-w- c:\windows\system32\ieframe.dll
2014-06-18 22:46 . 2014-07-10 09:06 1068032 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45 . 2014-07-10 09:06 1964544 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-06-18 22:34 . 2014-07-10 09:06 1393664 ----a-w- c:\windows\system32\urlmon.dll
2014-06-18 22:15 . 2014-07-10 09:06 846336 ----a-w- c:\windows\system32\ieapfltr.dll
2014-06-18 22:13 . 2014-07-10 09:06 1791488 ----a-w- c:\windows\SysWow64\wininet.dll
2014-06-18 02:18 . 2014-07-10 09:07 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-10 09:07 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-18 01:10 . 2014-07-10 09:07 3157504 ----a-w- c:\windows\system32\win32k.sys
2014-06-06 10:10 . 2014-07-10 09:07 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-10 09:07 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-10 09:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-10 09:06 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-10 09:06 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-05-30 08:08 . 2014-07-10 09:07 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-05-30 08:08 . 2014-07-10 09:07 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-05-30 08:08 . 2014-07-10 09:07 340992 ----a-w- c:\windows\system32\schannel.dll
2014-05-30 08:08 . 2014-07-10 09:07 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-05-30 08:08 . 2014-07-10 09:07 307200 ----a-w- c:\windows\system32\ncrypt.dll
2014-05-30 08:08 . 2014-07-10 09:07 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-05-30 08:08 . 2014-07-10 09:07 22016 ----a-w- c:\windows\system32\credssp.dll
2014-05-30 07:52 . 2014-07-10 09:07 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-05-30 07:52 . 2014-07-10 09:07 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52 . 2014-07-10 09:07 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-30 07:52 . 2014-07-10 09:07 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52 . 2014-07-10 09:07 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52 . 2014-07-10 09:07 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-05-30 07:52 . 2014-07-10 09:07 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-05-30 06:45 . 2014-07-10 09:07 497152 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-02-01 11:43 220632 ----a-w- c:\users\ThinkPad\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-02-01 11:43 220632 ----a-w- c:\users\ThinkPad\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-02-01 11:43 220632 ----a-w- c:\users\ThinkPad\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"E-MU USB Audio Control Panel"="c:\program files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe" [2007-11-26 274432]
"f.lux"="c:\users\ThinkPad\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-21 291648]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2012-08-31 508144]
"PWMTRV"="c:\program files (x86)\ThinkPad\Utilities\PWMTR64V.DLL" [2013-12-09 6623576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-06 4085896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"UpdReg"=c:\windows\UpdReg.EXE
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 emusba10;E-MU USB-Audio 1.0 Driver;c:\windows\system32\DRIVERS\emusba10.sys;c:\windows\SYSNATIVE\DRIVERS\emusba10.sys [x]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 emaudsv;E-MU Audio Service;c:\windows\system32\emaudsv.exe;c:\windows\SYSNATIVE\emaudsv.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [x]
S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe;c:\windows\SYSNATIVE\SAsrv.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ValBioService;ValBioService;c:\program files\Lenovo Fingerprint Reader\ValBioService.exe;c:\program files\Lenovo Fingerprint Reader\ValBioService.exe [x]
S2 valWBFPolicyService;Validity WBF Policy Service;c:\windows\system32\valWBFPolicyService.exe;c:\windows\SYSNATIVE\valWBFPolicyService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Power Manager DBC Service;Power Manager Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 tvtvcamd;Camera Plus (VGA Resolution Maximum);c:\windows\system32\DRIVERS\tvtvcamd.sys;c:\windows\SYSNATIVE\DRIVERS\tvtvcamd.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - MBAMWebAccessControl
.
Contents of the 'Scheduled Tasks' folder
.
2014-08-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-29 10:48]
.
2014-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29 05:29]
.
2014-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8d6d88815135.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29 05:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-02-01 11:43 244696 ----a-w- c:\users\ThinkPad\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-02-01 11:43 244696 ----a-w- c:\users\ThinkPad\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-02-01 11:43 244696 ----a-w- c:\users\ThinkPad\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-06 17:54 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2013-10-25 295720]
"TpShocks"="TpShocks.exe" [2013-11-29 384344]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-06-14 887968]
"ForteConfig"="c:\program files\Conexant\ForteConfig\fmapp.exe" [2010-10-26 49056]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-05-31 184112]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-06-18 11586944]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.sk/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send to Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Native Instruments Kontakt 4 - c:\programdata\{BF329843-149E-4A5A-82A1-0250286442D0}\Kontakt 4 Setup PC.exe
AddRemove-Native Instruments Massive - c:\programdata\{13A9B825-42CB-4973-913D-2194B5A4CF94}\Massive Setup PC.exe
AddRemove-{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} - c:\program files (x86)\GreenTree Applications\YTD Video Downloader\uninstall.exe
AddRemove-{43E7798A-248E-4A3D-9969-FEA63543A462} - c:\programdata\{4275E5EA-6E30-48EB-A209-F964539CBE1C}\Kontakt 4 Setup PC.exe
AddRemove-{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9} - c:\programdata\{13A9B825-42CB-4973-913D-2194B5A4CF94}\Massive Setup PC.exe
AddRemove-{EC015649-3B3C-4611-9C66-453F8011E944} - c:\programdata\{BF329843-149E-4A5A-82A1-0250286442D0}\Kontakt 4 Setup PC.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PaceLicenseDServices]
"ImagePath"="\"c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe\" -u https://activation.paceap.com/InitiateActivation"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3037261787-434155478-2496983176-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3037261787-434155478-2496983176-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-08-09 21:27:51
ComboFix-quarantined-files.txt 2014-08-09 19:27
.
Pre-Run: 251 744 727 040 bytes free
Post-Run: 251 555 553 280 bytes free
.
- - End Of File - - D832A475782BB5B881043E1717DB36A6

#10 Příspěvek od **Márty84** » 09 srp 2014 22:59

Vypnete trvale Windows Defender

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"=-
"SunJavaUpdateSched"=-

RegLock::
[HKEY_USERS\S-1-5-21-3037261787-434155478-2496983176-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
[HKEY_USERS\S-1-5-21-3037261787-434155478-2496983176-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
c2cpnrsvc
SkypeUpdate

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

uzivatel 123 · #11 Příspěvek od **uzivatel 123** » 10 srp 2014 00:18

cmobofix log 2 :

ComboFix 14-08-06.02 - ThinkPad . 08. 2014 0:42.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.3662.2076 [GMT 2:00]
Running from: c:\users\ThinkPad\Desktop\ComboFix.exe
Command switches used :: c:\users\ThinkPad\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_c2cpnrsvc
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Files Created from 2014-07-09 to 2014-08-09 )))))))))))))))))))))))))))))))
.
.
2014-08-09 22:53 . 2014-08-09 22:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-08 07:00 . 2014-08-08 07:00 -------- d-----w- c:\users\ThinkPad\AppData\Local\FluxSoftware
2014-08-08 06:35 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{64DB3F3C-2BB8-4E37-8A2A-9E0F8918F88F}\mpengine.dll
2014-08-07 09:31 . 2014-08-07 09:31 -------- d-----w- c:\programdata\Malwarebytes
2014-08-06 18:02 . 2014-08-06 18:02 -------- d-----w- c:\users\ThinkPad\AppData\Roaming\AVAST Software
2014-08-06 17:54 . 2014-08-06 17:56 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-06 17:54 . 2014-08-06 17:54 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-06 17:54 . 2014-08-06 17:54 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-06 17:54 . 2014-08-06 17:54 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-06 17:54 . 2014-08-06 17:54 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-06 17:54 . 2014-08-06 17:54 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-06 17:54 . 2014-08-06 17:54 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-06 17:54 . 2014-08-06 17:54 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-06 17:54 . 2014-08-06 17:54 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-06 17:54 . 2014-08-06 17:54 43152 ----a-w- c:\windows\avastSS.scr
2014-08-06 17:51 . 2014-08-06 17:51 -------- d-----w- c:\program files\AVAST Software
2014-08-06 16:09 . 2014-08-06 16:09 -------- d-----w- c:\program files (x86)\MixMeister BPM Analyzer
2014-08-06 11:35 . 2014-08-06 17:51 -------- d-----w- c:\programdata\AVAST Software
2014-08-06 10:59 . 2014-08-06 10:59 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-08-06 10:59 . 2014-08-06 10:58 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-06 10:58 . 2014-08-06 10:58 -------- d-----w- c:\program files (x86)\Java
2014-08-06 10:47 . 2014-08-06 10:49 -------- d-----w- C:\AdwCleaner
2014-08-06 10:05 . 2014-08-09 20:06 -------- d-----w- c:\users\ThinkPad\AppData\Roaming\Spesoft Text To MP3
2014-08-06 10:04 . 2014-08-06 10:12 -------- d-----w- c:\program files (x86)\Spesoft Text To MP3 Speaker
2014-08-01 11:42 . 2014-08-01 11:43 -------- d-----w- c:\program files\trend micro
2014-08-01 11:42 . 2014-08-01 11:43 -------- d-----w- C:\rsit
2014-07-21 03:52 . 2013-04-30 14:47 1049984 ----a-w- c:\windows\system32\drivers\vm331avs.sys
2014-07-17 18:22 . 2014-07-17 18:22 -------- d-----w- c:\users\ThinkPad\AppData\Local\Diagnostics
2014-07-17 16:08 . 2014-07-17 16:08 -------- d-----w- c:\programdata\Caphyon
2014-07-17 16:08 . 2014-07-17 16:08 -------- d-----w- c:\program files\Common Files\Avid
2014-07-17 16:08 . 2014-07-17 16:08 -------- d-----w- c:\program files (x86)\Common Files\Avid
2014-07-17 15:15 . 2014-07-17 16:10 -------- d-----w- c:\users\ThinkPad\AppData\Roaming\Flux
2014-07-17 15:00 . 2014-07-17 15:00 -------- d-----w- c:\program files (x86)\Flux
2014-07-16 07:49 . 2014-07-16 07:49 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2014-07-13 19:16 . 2014-07-13 19:16 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-07-13 19:08 . 2013-04-15 14:24 358912 ----a-w- c:\windows\system32\VmCoinst.dll
2014-07-13 19:07 . 2014-07-13 19:07 -------- d-----w- C:\DRIVERS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-23 08:52 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-10 12:16 . 2014-01-28 13:30 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-09 10:48 . 2014-01-29 05:59 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 10:48 . 2014-01-29 05:59 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-20 20:14 . 2014-07-10 09:06 266424 ----a-w- c:\windows\system32\iedkcs32.dll
2014-06-19 01:39 . 2014-07-10 09:06 23464448 ----a-w- c:\windows\system32\mshtml.dll
2014-06-19 01:06 . 2014-07-10 09:06 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-06-19 01:06 . 2014-07-10 09:06 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-06-19 00:48 . 2014-07-10 09:06 2768384 ----a-w- c:\windows\system32\iertutil.dll
2014-06-19 00:42 . 2014-07-10 09:06 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-06-19 00:42 . 2014-07-10 09:06 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-06-19 00:41 . 2014-07-10 09:06 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-06-19 00:41 . 2014-07-10 09:06 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-06-19 00:32 . 2014-07-10 09:06 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-06-19 00:31 . 2014-07-10 09:06 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-06-19 00:26 . 2014-07-10 09:06 598016 ----a-w- c:\windows\system32\ieui.dll
2014-06-19 00:24 . 2014-07-10 09:06 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-06-19 00:24 . 2014-07-10 09:06 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-06-19 00:23 . 2014-07-10 09:06 752640 ----a-w- c:\windows\system32\jscript9diag.dll
2014-06-19 00:14 . 2014-07-10 09:06 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-06-19 00:09 . 2014-07-10 09:06 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2014-06-18 23:59 . 2014-07-10 09:06 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-18 23:56 . 2014-07-10 09:06 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-06-18 23:53 . 2014-07-10 09:06 195584 ----a-w- c:\windows\system32\msrating.dll
2014-06-18 23:51 . 2014-07-10 09:06 5721088 ----a-w- c:\windows\system32\jscript9.dll
2014-06-18 23:50 . 2014-07-10 09:06 85504 ----a-w- c:\windows\system32\mshtmled.dll
2014-06-18 23:48 . 2014-07-10 09:06 292864 ----a-w- c:\windows\system32\dxtrans.dll
2014-06-18 23:39 . 2014-07-10 09:06 608768 ----a-w- c:\windows\system32\ie4uinit.exe
2014-06-18 23:38 . 2014-07-10 09:06 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-06-18 23:37 . 2014-07-10 09:06 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-06-18 23:36 . 2014-07-10 09:06 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35 . 2014-07-10 09:06 62464 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-06-18 23:33 . 2014-07-10 09:06 631808 ----a-w- c:\windows\system32\msfeeds.dll
2014-06-18 23:27 . 2014-07-10 09:06 1249280 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-06-18 23:27 . 2014-07-10 09:06 2040832 ----a-w- c:\windows\system32\inetcpl.cpl
2014-06-18 23:23 . 2014-07-10 09:06 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-06-18 23:22 . 2014-07-10 09:06 592896 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-06-18 23:06 . 2014-07-10 09:06 32256 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58 . 2014-07-10 09:06 2266112 ----a-w- c:\windows\system32\wininet.dll
2014-06-18 22:52 . 2014-07-10 09:06 4254720 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-06-18 22:51 . 2014-07-10 09:06 13527040 ----a-w- c:\windows\system32\ieframe.dll
2014-06-18 22:46 . 2014-07-10 09:06 1068032 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45 . 2014-07-10 09:06 1964544 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-06-18 22:34 . 2014-07-10 09:06 1393664 ----a-w- c:\windows\system32\urlmon.dll
2014-06-18 22:15 . 2014-07-10 09:06 846336 ----a-w- c:\windows\system32\ieapfltr.dll
2014-06-18 22:13 . 2014-07-10 09:06 1791488 ----a-w- c:\windows\SysWow64\wininet.dll
2014-06-18 02:18 . 2014-07-10 09:07 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-10 09:07 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-18 01:10 . 2014-07-10 09:07 3157504 ----a-w- c:\windows\system32\win32k.sys
2014-06-06 10:10 . 2014-07-10 09:07 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-10 09:07 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-10 09:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-10 09:06 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-10 09:06 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-05-30 08:08 . 2014-07-10 09:07 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-05-30 08:08 . 2014-07-10 09:07 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-05-30 08:08 . 2014-07-10 09:07 340992 ----a-w- c:\windows\system32\schannel.dll
2014-05-30 08:08 . 2014-07-10 09:07 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-05-30 08:08 . 2014-07-10 09:07 307200 ----a-w- c:\windows\system32\ncrypt.dll
2014-05-30 08:08 . 2014-07-10 09:07 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-05-30 08:08 . 2014-07-10 09:07 22016 ----a-w- c:\windows\system32\credssp.dll
2014-05-30 07:52 . 2014-07-10 09:07 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-05-30 07:52 . 2014-07-10 09:07 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52 . 2014-07-10 09:07 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-30 07:52 . 2014-07-10 09:07 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52 . 2014-07-10 09:07 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52 . 2014-07-10 09:07 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-05-30 07:52 . 2014-07-10 09:07 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-05-30 06:45 . 2014-07-10 09:07 497152 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-02-01 11:43 220632 ----a-w- c:\users\ThinkPad\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-02-01 11:43 220632 ----a-w- c:\users\ThinkPad\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-02-01 11:43 220632 ----a-w- c:\users\ThinkPad\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"E-MU USB Audio Control Panel"="c:\program files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe" [2007-11-26 274432]
"f.lux"="c:\users\ThinkPad\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-21 291648]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2012-08-31 508144]
"PWMTRV"="c:\program files (x86)\ThinkPad\Utilities\PWMTR64V.DLL" [2013-12-09 6623576]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-06 4085896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 emusba10;E-MU USB-Audio 1.0 Driver;c:\windows\system32\DRIVERS\emusba10.sys;c:\windows\SYSNATIVE\DRIVERS\emusba10.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Power Manager DBC Service;Power Manager Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 emaudsv;E-MU Audio Service;c:\windows\system32\emaudsv.exe;c:\windows\SYSNATIVE\emaudsv.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [x]
S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe;c:\windows\SYSNATIVE\SAsrv.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ValBioService;ValBioService;c:\program files\Lenovo Fingerprint Reader\ValBioService.exe;c:\program files\Lenovo Fingerprint Reader\ValBioService.exe [x]
S2 valWBFPolicyService;Validity WBF Policy Service;c:\windows\system32\valWBFPolicyService.exe;c:\windows\SYSNATIVE\valWBFPolicyService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 tvtvcamd;Camera Plus (VGA Resolution Maximum);c:\windows\system32\DRIVERS\tvtvcamd.sys;c:\windows\SYSNATIVE\DRIVERS\tvtvcamd.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-08-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-29 10:48]
.
2014-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29 05:29]
.
2014-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8d6d88815135.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29 05:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-02-01 11:43 244696 ----a-w- c:\users\ThinkPad\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-02-01 11:43 244696 ----a-w- c:\users\ThinkPad\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-02-01 11:43 244696 ----a-w- c:\users\ThinkPad\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-06 17:54 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2013-10-25 295720]
"TpShocks"="TpShocks.exe" [2013-11-29 384344]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-06-14 887968]
"ForteConfig"="c:\program files\Conexant\ForteConfig\fmapp.exe" [2010-10-26 49056]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-05-31 184112]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-06-18 11586944]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.sk/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send to Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Native Instruments Kontakt 4 - c:\programdata\{BF329843-149E-4A5A-82A1-0250286442D0}\Kontakt 4 Setup PC.exe
AddRemove-Native Instruments Massive - c:\programdata\{13A9B825-42CB-4973-913D-2194B5A4CF94}\Massive Setup PC.exe
AddRemove-{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} - c:\program files (x86)\GreenTree Applications\YTD Video Downloader\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PaceLicenseDServices]
"ImagePath"="\"c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe\" -u https://activation.paceap.com/InitiateActivation"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\SysWOW64\SAsrv.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\progra~1\Lenovo\HOTKEY\TPONSCR.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2014-08-10 01:00:53 - machine was rebooted
ComboFix-quarantined-files.txt 2014-08-09 23:00
ComboFix2.txt 2014-08-09 19:27
.
Pre-Run: 251 726 102 528 bytes free
Post-Run: 251 417 513 984 bytes free
.
- - End Of File - - 8BEBE3F4ADFB1751E083453180CBB836

#12 Příspěvek od **Márty84** » 10 srp 2014 09:56

Dejte novy log z RSIT

uzivatel 123 · #13 Příspěvek od **uzivatel 123** » 10 srp 2014 10:57

Logfile of random's system information tool 1.10 (written by random/random)
Run by ThinkPad at 2014-08-10 11:56:38
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 240 GB (50%) free of 477 GB
Total RAM: 3662 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:56:56, on 10. 8. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe
C:\Users\ThinkPad\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.72\opera_crashreporter.exe
C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
C:\Program Files\trend micro\ThinkPad.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [PWMTRV] rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [E-MU USB Audio Control Panel] "C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe"
O4 - HKCU\..\Run: [f.lux] "C:\Users\ThinkPad\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: E-MU Audio Service (emaudsv) - Unknown owner - C:\Windows\system32\emaudsv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: ThinkVantage Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: Power Manager Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: ValBioService - Validity Sensors, Inc. - C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13279 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-115a3da4-595b-48b8-b0eb-765c7d106323 -SystemEventPortName:HostProcess-aa733012-4670-4a9a-8108-51d66068a9df -IoCancelEventPortName:HostProcess-fb7effe2-ced6-4562-ab1d-ba970f477599 -NonStateChangingEventPortName:HostProcess-218b72e4-4919-4f9e-b062-d06834efbade -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fd94cd71-4f8c-4f29-8ddc-caaa19d9ef1a -DeviceGroupId:
winlogon.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 30129552
\??\C:\Windows\system32\conhost.exe "-1097436908-1999454226-6875068436155700520565054842059958150-72243506-969115376
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\CxAudMsg64.exe
C:\Windows\system32\emaudsv.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\SysWOW64\SAsrv.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe"
"taskhost.exe"
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\Windows\system32\valWBFPolicyService.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
"C:\Windows\system32\Dwm.exe"
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
WLIDSvcM.exe 3136
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe"
"C:\Users\ThinkPad\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe" --ran-launcher /crash-reporter-parent-id=5960
"C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe" --type=gpu-process --channel="5960.0.1668677515\1584722064" --crash-reporter-pid=5472 --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,16 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2843 --crash-reporter-pid=5472 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --extension-process --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5472 --enable-threaded-compositing --enable-delegated-renderer --channel="5960.2.43012721\1865222239" /prefetch:673131151
"C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5472 --enable-threaded-compositing --enable-delegated-renderer --channel="5960.4.775793225\1433687462" /prefetch:673131151
"C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5472 --enable-threaded-compositing --enable-delegated-renderer --channel="5960.5.1980866744\303447736" /prefetch:673131151
"C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5472 --enable-threaded-compositing --enable-delegated-renderer --channel="5960.6.1309082725\52463475" /prefetch:673131151
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" --disable-direct-npapi-requests --lang=sk --channel="5960.13.894722443\969403547" --crash-reporter-pid=5472 /prefetch:-390060480
"C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5472 --enable-threaded-compositing --enable-delegated-renderer --channel="5960.14.1158571304\1344415954" /prefetch:673131151
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe" ytidilav
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
\??\C:\Windows\system32\conhost.exe "436875819-10091599171957643667-2044275928311611663138553584-1155148861-794649824
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
"C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5472 --enable-threaded-compositing --enable-delegated-renderer --channel="5960.21.196708990\51651243" /prefetch:673131151
C:\Windows\system32\AUDIODG.EXE 0x31c
"C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5472 --enable-threaded-compositing --enable-delegated-renderer --channel="5960.24.161425792\216207864" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\ThinkPad\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8d6d88815135.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-06 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-06 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-06 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-06 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2013-10-25 295720]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2013-11-29 384344]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2012-06-14 887968]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-06-01 184112]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2012-06-18 11586944]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-02-24 2809072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"E-MU USB Audio Control Panel"=C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe [2007-11-26 274432]
"f.lux"=C:\Users\ThinkPad\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-02 21648480]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-21 291648]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31 508144]
"PWMTRV"=rundll32 C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-06 4085896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-25 441856]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"midi4"=wdmaud.drv
"midi5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-08-10 01:00:54 ----A---- C:\ComboFix.txt
2014-08-10 00:55:35 ----SHD---- C:\$RECYCLE.BIN
2014-08-09 18:55:34 ----A---- C:\Windows\zip.exe
2014-08-09 18:55:34 ----A---- C:\Windows\SWSC.exe
2014-08-09 18:55:34 ----A---- C:\Windows\SWREG.exe
2014-08-09 18:55:34 ----A---- C:\Windows\sed.exe
2014-08-09 18:55:34 ----A---- C:\Windows\PEV.exe
2014-08-09 18:55:34 ----A---- C:\Windows\NIRCMD.exe
2014-08-09 18:55:34 ----A---- C:\Windows\MBR.exe
2014-08-09 18:55:34 ----A---- C:\Windows\grep.exe
2014-08-09 18:55:17 ----D---- C:\Qoobox
2014-08-09 18:54:52 ----D---- C:\Windows\erdnt
2014-08-07 11:31:06 ----D---- C:\ProgramData\Malwarebytes
2014-08-06 20:02:57 ----D---- C:\Users\ThinkPad\AppData\Roaming\AVAST Software
2014-08-06 19:54:53 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-08-06 19:54:53 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-08-06 19:54:53 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-08-06 19:54:53 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-08-06 19:54:53 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-08-06 19:54:53 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-08-06 19:54:53 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-08-06 19:54:53 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-08-06 19:54:52 ----A---- C:\Windows\system32\aswBoot.exe
2014-08-06 19:54:50 ----A---- C:\Windows\avastSS.scr
2014-08-06 19:51:37 ----D---- C:\Program Files\AVAST Software
2014-08-06 18:09:25 ----D---- C:\Program Files (x86)\MixMeister BPM Analyzer
2014-08-06 13:35:28 ----D---- C:\ProgramData\AVAST Software
2014-08-06 12:59:06 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-08-06 12:59:00 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-08-06 12:59:00 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-08-06 12:59:00 ----A---- C:\Windows\SYSWOW64\java.exe
2014-08-06 12:58:53 ----D---- C:\Program Files (x86)\Java
2014-08-06 12:47:56 ----D---- C:\AdwCleaner
2014-08-06 12:05:07 ----D---- C:\Users\ThinkPad\AppData\Roaming\Spesoft Text To MP3
2014-08-06 12:04:59 ----D---- C:\Program Files (x86)\Spesoft Text To MP3 Speaker
2014-08-01 13:42:35 ----D---- C:\Program Files\trend micro
2014-08-01 13:42:34 ----D---- C:\rsit
2014-07-31 11:14:16 ----A---- C:\Windows\system32\wups2.dll
2014-07-31 11:14:16 ----A---- C:\Windows\system32\wucltux.dll
2014-07-31 11:14:16 ----A---- C:\Windows\system32\wuaueng.dll
2014-07-31 11:14:16 ----A---- C:\Windows\system32\wuauclt.exe
2014-07-31 11:14:10 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-07-31 11:14:10 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-07-31 11:14:10 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-07-31 11:14:10 ----A---- C:\Windows\system32\wups.dll
2014-07-31 11:14:10 ----A---- C:\Windows\system32\wudriver.dll
2014-07-31 11:14:10 ----A---- C:\Windows\system32\wuapi.dll
2014-07-31 11:14:06 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-07-31 11:14:06 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-07-31 11:14:06 ----A---- C:\Windows\system32\wuwebv.dll
2014-07-31 11:14:06 ----A---- C:\Windows\system32\wuapp.exe
2014-07-21 05:52:31 ----A---- C:\Windows\vm331Rmv.ini
2014-07-21 05:52:31 ----A---- C:\Windows\SYSWOW64\vm331Rmv.ini
2014-07-21 05:52:31 ----A---- C:\Windows\system32\drivers\vm331avs.sys
2014-07-17 18:08:42 ----D---- C:\ProgramData\Caphyon
2014-07-17 18:08:36 ----D---- C:\Program Files\Common Files\Avid
2014-07-17 17:15:13 ----D---- C:\Users\ThinkPad\AppData\Roaming\Flux
2014-07-17 17:00:26 ----D---- C:\Program Files (x86)\Flux
2014-07-13 21:08:41 ----A---- C:\Windows\system32\VmCoinst.dll
2014-07-13 21:07:58 ----D---- C:\DRIVERS

======List of files/folders modified in the last 1 month======

2014-08-10 11:48:00 ----D---- C:\Windows\Prefetch
2014-08-10 11:34:36 ----D---- C:\Windows\Temp
2014-08-10 11:13:38 ----D---- C:\Windows\System32
2014-08-10 11:13:38 ----D---- C:\Windows\inf
2014-08-10 11:13:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-10 11:11:27 ----A---- C:\Windows\SYSWOW64\log.txt
2014-08-10 11:09:18 ----AD---- C:\ProgramData\PACE
2014-08-10 01:28:27 ----D---- C:\Windows\system32\config
2014-08-10 01:01:01 ----D---- C:\Windows\system32\drivers
2014-08-10 00:55:36 ----D---- C:\Windows
2014-08-10 00:55:36 ----A---- C:\Windows\system.ini
2014-08-10 00:49:04 ----D---- C:\Windows\SYSWOW64\drivers
2014-08-10 00:49:04 ----D---- C:\Windows\SysWOW64
2014-08-10 00:49:03 ----D---- C:\Windows\AppPatch
2014-08-10 00:49:00 ----D---- C:\Program Files (x86)\Common Files
2014-08-09 23:52:01 ----D---- C:\Users\ThinkPad\AppData\Roaming\Skype
2014-08-09 23:47:40 ----D---- C:\Audio
2014-08-09 21:22:45 ----D---- C:\ProgramData
2014-08-09 18:44:12 ----D---- C:\Windows\Logs
2014-08-09 18:44:11 ----SHD---- C:\System Volume Information
2014-08-08 10:33:23 ----RD---- C:\Program Files (x86)
2014-08-07 23:59:05 ----D---- C:\Users\ThinkPad\AppData\Roaming\uTorrent
2014-08-07 20:13:54 ----D---- C:\Images
2014-08-07 17:27:24 ----D---- C:\AUDIO DEPARTMENT
2014-08-07 17:12:27 ----D---- C:\Users\ThinkPad\AppData\Roaming\Winamp
2014-08-07 01:10:39 ----D---- C:\Windows\rescache
2014-08-06 23:27:55 ----D---- C:\Program Files (x86)\Google
2014-08-06 21:02:04 ----D---- C:\Program Files (x86)\PokerStars
2014-08-06 19:56:45 ----D---- C:\Windows\system32\Tasks
2014-08-06 19:51:37 ----D---- C:\Program Files
2014-08-06 18:58:55 ----D---- C:\Edits
2014-08-06 18:11:04 ----SHD---- C:\Windows\Installer
2014-08-06 18:11:01 ----D---- C:\Windows\winsxs
2014-08-06 13:02:12 ----D---- C:\ProgramData\Oracle
2014-08-06 12:56:22 ----D---- C:\Program Files (x86)\Opera
2014-08-06 12:50:09 ----D---- C:\ProgramData\MFAData
2014-08-04 11:12:09 ----D---- C:\Windows\Minidump
2014-08-03 20:31:40 ----D---- C:\Killing Floor New 2
2014-08-02 12:58:02 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-08-02 12:58:02 ----D---- C:\Windows\system32\sk-SK
2014-07-31 11:14:23 ----D---- C:\Windows\system32\catroot2
2014-07-31 11:14:23 ----D---- C:\Windows\system32\catroot
2014-07-25 15:09:02 ----D---- C:\Windows\SoftwareDistribution
2014-07-25 12:06:31 ----SD---- C:\ProgramData\Microsoft
2014-07-25 09:44:57 ----D---- C:\Users\ThinkPad\AppData\Roaming\Adobe
2014-07-24 21:43:13 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-24 21:43:12 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-23 10:52:00 ----N---- C:\Windows\system32\MpSigStub.exe
2014-07-21 07:50:43 ----RSD---- C:\Windows\Fonts
2014-07-21 05:52:41 ----D---- C:\Windows\system
2014-07-21 05:52:41 ----D---- C:\Program Files (x86)\USB Camera
2014-07-21 05:52:39 ----D---- C:\Windows\system32\DriverStore
2014-07-18 17:52:50 ----D---- C:\Windows\system32\NDF
2014-07-17 18:08:36 ----D---- C:\Program Files\Common Files
2014-07-17 17:08:45 ----D---- C:\Program Files (x86)\Steinberg
2014-07-13 21:16:30 ----D---- C:\ProgramData\Skype
2014-07-13 21:16:24 ----RD---- C:\Program Files (x86)\Skype
2014-07-12 21:47:59 ----SD---- C:\Users\ThinkPad\AppData\Roaming\Microsoft
2014-07-11 20:41:58 ----D---- C:\Windows\debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-06 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-06 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-06-12 568640]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2013-11-29 152888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2013-11-29 29496]
R0 Tpkd;Tpkd; C:\Windows\system32\drivers\Tpkd.sys [2013-04-11 106704]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-06 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-06 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-06 427360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-29 283064]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2013-12-09 20736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-06 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-06 79184]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-07-18 198144]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2012-05-21 111104]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2012-06-09 849408]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2012-09-20 1609376]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2013-11-07 54528]
R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2012-07-09 60928]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-08-25 9000256]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-03 62784]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwsw00.sys [2012-09-30 11523072]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2013-05-16 288840]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-13 726160]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-02-24 31472]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-02-24 552176]
R3 tvtvcamd;Camera Plus (VGA Resolution Maximum); C:\Windows\system32\DRIVERS\tvtvcamd.sys [2011-12-08 27432]
R3 vm331avs;Digital Camera 1; C:\Windows\System32\Drivers\vm331avs.sys [2013-04-30 1049984]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-06 92008]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2012-07-18 198144]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 emusba10;E-MU USB-Audio 1.0 Driver; C:\Windows\system32\DRIVERS\emusba10.sys [2007-11-26 213272]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 57840]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDID1027;PCR; C:\Windows\system32\Drivers\rdwm1027.sys [2009-09-18 81920]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-18 659472]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-06 50344]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-06-18 1095616]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-06-18 1333184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-06-18 1124288]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2012-06-08 201376]
R2 emaudsv;E-MU Audio Service; C:\Windows\system32\emaudsv.exe [2007-11-26 25600]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-08-23 629040]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2013-11-07 66856]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-19 634632]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-20 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-20 166720]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2013-10-25 58664]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2013-06-24 110072]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-10-25 73000]
R2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2013-10-25 197928]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-10 136288]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-20 277824]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 PaceLicenseDServices;PACE License Services; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2014-01-16 17191840]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-08-23 149296]
R2 SAService;Conexant SmartAudio service; C:\Windows\system32\SAsrv.exe []
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2013-06-20 125432]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2013-06-20 125504]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-20 365376]
R2 ValBioService;ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [2013-10-28 22872]
R2 valWBFPolicyService;Validity WBF Policy Service; C:\Windows\system32\valWBFPolicyService.exe [2013-10-28 40848]
R3 Power Manager DBC Service;Power Manager Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2013-12-09 1669976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-08-26 276288]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-08-23 272688]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2013-12-09 1664856]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-02-21 24120]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2013-11-29 47448]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-28 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#14 Příspěvek od **Márty84** » 10 srp 2014 13:14

Jeste jeden sken a budem mazat.

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

uzivatel 123 · #15 Příspěvek od **uzivatel 123** » 10 srp 2014 14:35

OTL LOG part 1:

OTL logfile created on: 10. 8. 2014 14:25:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ThinkPad\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,58 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 67,24% Memory free
7,15 Gb Paging File | 5,49 Gb Available in Paging File | 76,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 234,35 Gb Free Space | 50,33% Space Free | Partition Type: NTFS

Computer Name: MATUS | User Name: ThinkPad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/08/10 14:17:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ThinkPad\Desktop\OTL.exe
PRC - [2014/08/06 19:56:55 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/08/06 19:54:49 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/06/21 18:26:10 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014/01/16 09:38:18 | 017,191,840 | ---- | M] (PACE Anti-Piracy, Inc.) -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
PRC - [2013/12/21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/09 07:04:00 | 001,669,976 | ---- | M] (Lenovo) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
PRC - [2013/12/09 07:04:00 | 000,127,832 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
PRC - [2013/10/25 14:58:28 | 000,197,928 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
PRC - [2013/10/25 14:58:22 | 000,295,720 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
PRC - [2013/10/25 14:58:18 | 000,073,000 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2013/10/25 14:57:56 | 000,058,664 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe
PRC - [2013/10/24 00:39:14 | 001,017,224 | ---- | M] (Flux Software LLC) -- C:\Users\ThinkPad\AppData\Local\FluxSoftware\Flux\flux.exe
PRC - [2013/07/31 01:00:00 | 000,567,800 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2013/06/24 11:40:48 | 000,110,072 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe
PRC - [2013/06/20 15:05:44 | 000,125,504 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2012/07/20 02:00:54 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/20 02:00:52 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/20 02:00:38 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/07/20 02:00:28 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/18 15:32:00 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012/06/18 15:31:58 | 001,333,184 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2012/06/18 15:31:48 | 001,095,616 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012/06/18 15:31:42 | 000,956,352 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2012/05/21 16:26:26 | 000,291,648 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/01/07 13:28:42 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysWOW64\SASrv.exe
PRC - [2007/11/26 16:03:12 | 000,274,432 | ---- | M] (E-MU Systems) -- C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe

========== Modules (No Company Name) ==========

MOD - [2014/08/06 19:54:50 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/08/06 19:54:49 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2013/01/17 15:33:02 | 000,667,648 | ---- | M] () -- C:\Windows\SysWOW64\vmprp331.ax
MOD - [2007/09/17 12:36:04 | 001,720,320 | ---- | M] () -- C:\Program Files (x86)\Creative Professional\E-MU USB Audio\QtCore4.dll
MOD - [2006/10/20 20:25:18 | 003,969,024 | ---- | M] () -- C:\Program Files (x86)\Creative Professional\E-MU USB Audio\QtGui4.dll
MOD - [2006/10/20 20:20:14 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\Creative Professional\E-MU USB Audio\QtXml4.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/08/06 19:54:49 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/06/19 02:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/29 19:20:12 | 000,047,448 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2013/11/07 19:46:22 | 000,066,856 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2013/10/28 05:34:24 | 000,022,872 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe -- (ValBioService)
SRV:64bit: - [2013/10/28 05:31:56 | 000,040,848 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\valWBFPolicyService.exe -- (valWBFPolicyService)
SRV:64bit: - [2013/10/25 14:58:28 | 000,197,928 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe -- (LENOVO.TVTVCAM)
SRV:64bit: - [2013/10/25 14:58:18 | 000,073,000 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV:64bit: - [2013/10/25 14:57:56 | 000,058,664 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV:64bit: - [2013/06/24 11:40:48 | 000,110,072 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV:64bit: - [2013/06/20 15:05:50 | 000,125,432 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV:64bit: - [2013/06/20 15:05:44 | 000,125,504 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/08/23 17:05:12 | 003,342,640 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012/08/23 17:04:28 | 000,272,688 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012/08/23 17:04:00 | 000,629,040 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012/08/23 17:03:14 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012/08/23 14:39:38 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/08/10 21:49:38 | 000,136,288 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV:64bit: - [2012/07/18 01:52:16 | 000,659,472 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2012/06/19 20:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2012/06/08 18:07:16 | 000,201,376 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007/11/26 16:13:06 | 000,025,600 | ---- | M] (E-MU Systems) [Auto | Running] -- C:\Windows\SysNative\emaudsv.exe -- (emaudsv)
SRV - [2014/07/09 12:48:38 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/21 13:39:52 | 000,024,120 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2014/01/16 09:38:18 | 017,191,840 | ---- | M] (PACE Anti-Piracy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe -- (PaceLicenseDServices)
SRV - [2013/12/21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/09 07:04:00 | 001,669,976 | ---- | M] (Lenovo) [On_Demand | Running] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2013/12/09 07:04:00 | 001,664,856 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe -- (PwmEWSvc)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/08/26 16:56:14 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/07/20 02:00:54 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/20 02:00:52 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/20 02:00:38 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012/07/20 02:00:28 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/06/18 15:32:00 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/06/18 15:31:58 | 001,333,184 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2012/06/18 15:31:48 | 001,095,616 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011/01/07 13:28:42 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/08/06 19:56:54 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/08/06 19:54:51 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/08/06 19:54:51 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/08/06 19:54:51 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/08/06 19:54:51 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/08/06 19:54:51 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/08/06 19:54:51 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/08/06 19:54:51 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/02/24 20:39:30 | 000,552,176 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2014/02/24 20:39:28 | 000,031,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2014/01/29 07:34:29 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/12/09 07:04:00 | 000,020,736 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2013/11/29 19:20:12 | 000,152,888 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2013/11/29 19:20:12 | 000,029,496 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2013/11/07 19:46:20 | 000,054,528 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2013/05/16 12:29:20 | 000,288,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2013/04/30 16:47:52 | 001,049,984 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm331avs.sys -- (vm331avs)
DRV:64bit: - [2013/04/11 14:08:40 | 000,106,704 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2013/02/05 23:06:06 | 000,057,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/09/30 12:24:08 | 011,523,072 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012/09/20 15:11:24 | 001,609,376 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2012/08/25 17:02:44 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/18 01:49:00 | 000,198,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012/07/18 01:49:00 | 000,198,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012/07/09 16:27:06 | 000,060,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012/07/03 07:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 23:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/13 14:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/06/12 16:40:30 | 000,568,640 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012/06/09 15:51:44 | 000,849,408 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012/05/21 16:25:30 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/05/21 16:25:30 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/05/21 16:25:30 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/05/21 09:39:12 | 000,111,104 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/08 11:59:52 | 000,027,432 | ---- | M] (ThinkVantage Communications Utility) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvtvcamd.sys -- (tvtvcamd)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/09/18 01:25:00 | 000,081,920 | ---- | M] (Roland Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rdwm1027.sys -- (RDID1027)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/11/26 16:15:06 | 000,213,272 | ---- | M] (E-MU Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emusba10.sys -- (emusba10)
DRV:64bit: - [2005/09/23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3037261787-434155478-2496983176-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-3037261787-434155478-2496983176-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 07 F8 1E 78 15 1C CF 01 [binary data]
IE - HKU\S-1-5-21-3037261787-434155478-2496983176-1000\..\SearchScopes,DefaultScope = {CE2C1C86-4D14-42C1-A7CC-D171AA638E00}
IE - HKU\S-1-5-21-3037261787-434155478-2496983176-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-3037261787-434155478-2496983176-1000\..\SearchScopes\{CE2C1C86-4D14-42C1-A7CC-D171AA638E00}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-3037261787-434155478-2496983176-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/08/06 19:54:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: Docs = C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Disk Google = C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: HÄľadaĹĄ v Google = C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014/08/10 00:55:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [ForteConfig] C:\Program Files\CONEXANT\ForteConfig\fmapp.exe ()
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-21-3037261787-434155478-2496983176-1000..\Run: [E-MU USB Audio Control Panel] C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe (E-MU Systems)
O4 - HKU\S-1-5-21-3037261787-434155478-2496983176-1000..\Run: [f.lux] C:\Users\ThinkPad\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3037261787-434155478-2496983176-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3037261787-434155478-2496983176-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3037261787-434155478-2496983176-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{05FA47D3-05FB-4E89-AC19-038A5B7FA779}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B310EF6A-B330-4E22-88AE-76B101D104B0}: DhcpNameServer = 8.8.4.4 8.8.8.8
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/08/10 14:17:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ThinkPad\Desktop\OTL.exe
[2014/08/10 00:55:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/08/10 00:37:32 | 005,568,206 | R--- | C] (Swearware) -- C:\Users\ThinkPad\Desktop\ComboFix.exe
[2014/08/09 18:55:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/08/09 18:55:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/08/09 18:55:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/08/09 18:55:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/08/09 18:54:52 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/08/08 10:35:04 | 000,000,000 | ---D | C] -- C:\Users\ThinkPad\Desktop\CrystalDiskInfo5_0_0
[2014/08/08 09:00:17 | 000,000,000 | ---D | C] -- C:\Users\ThinkPad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
[2014/08/08 09:00:14 | 000,000,000 | ---D | C] -- C:\Users\ThinkPad\AppData\Local\FluxSoftware
[2014/08/07 20:01:24 | 000,000,000 | ---D | C] -- C:\Users\ThinkPad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vember Audio SURGE
[2014/08/07 20:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vember Audio SURGE
[2014/08/07 11:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/08/06 20:02:57 | 000,000,000 | ---D | C] -- C:\Users\ThinkPad\AppData\Roaming\AVAST Software
[2014/08/06 19:57:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/08/06 19:54:53 | 001,041,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/08/06 19:54:53 | 000,427,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/08/06 19:54:53 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/08/06 19:54:53 | 000,092,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/08/06 19:54:53 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/08/06 19:54:52 | 000,307,344 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/08/06 19:54:50 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/08/06 19:51:37 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/08/06 18:09:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MixMeister BPM Analyzer
[2014/08/06 18:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister
[2014/08/06 13:38:32 | 000,426,848 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys.1407325123586
[2014/08/06 13:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/08/06 12:59:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/08/06 12:59:06 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/08/06 12:59:00 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/08/06 12:59:00 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/08/06 12:59:00 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/08/06 12:59:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/08/06 12:58:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/08/06 12:47:56 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/08/06 12:05:07 | 000,000,000 | ---D | C] -- C:\Users\ThinkPad\AppData\Roaming\Spesoft Text To MP3
[2014/08/06 12:04:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spesoft Text To MP3 Speaker
[2014/08/06 12:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spesoft Text To MP3 Speaker
[2014/08/01 13:42:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/08/01 13:42:34 | 000,000,000 | ---D | C] -- C:\rsit
[2014/07/31 11:14:16 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/07/31 11:14:16 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/07/31 11:14:16 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/07/31 11:14:10 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/07/31 11:14:10 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/07/31 11:14:10 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/07/31 11:14:10 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/07/31 11:14:10 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/07/31 11:14:10 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/07/31 11:14:06 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/07/31 11:14:06 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/07/31 11:14:06 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/07/31 11:14:06 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/07/21 05:52:31 | 001,049,984 | ---- | C] (Vimicro Corporation) -- C:\Windows\SysNative\drivers\vm331avs.sys
[2014/07/17 20:22:42 | 000,000,000 | ---D | C] -- C:\Users\ThinkPad\AppData\Local\Diagnostics
[2014/07/17 18:10:33 | 000,000,000 | ---D | C] -- C:\Users\ThinkPad\Documents\Flux
[2014/07/17 18:08:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon
[2014/07/17 18:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Avid
[2014/07/17 18:08:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Avid
[2014/07/17 18:08:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flux
[2014/07/17 17:15:13 | 000,000,000 | ---D | C] -- C:\Users\ThinkPad\AppData\Roaming\Flux
[2014/07/17 17:00:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flux
[2014/07/13 21:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/07/13 21:16:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/07/13 21:08:41 | 000,358,912 | ---- | C] (Vimicro Corporation) -- C:\Windows\SysNative\VmCoinst.dll
[2014/07/13 21:07:58 | 000,000,000 | ---D | C] -- C:\DRIVERS
[2014/07/12 13:13:10 | 000,000,000 | ---D | C] -- C:\Users\ThinkPad\Desktop\txt

========== Files - Modified Within 30 Days ==========

[2014/08/10 14:31:05 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8d6d88815135.job
[2014/08/10 14:28:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/08/10 14:17:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ThinkPad\Desktop\OTL.exe
[2014/08/10 13:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/08/10 11:16:29 | 000,031,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/08/10 11:16:29 | 000,031,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/08/10 11:13:38 | 000,781,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/08/10 11:13:38 | 000,653,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/08/10 11:13:38 | 000,121,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/08/10 11:09:17 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/10 11:09:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/10 11:08:33 | 2879,664,128 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/10 00:39:09 | 005,568,206 | R--- | M] (Swearware) -- C:\Users\ThinkPad\Desktop\ComboFix.exe
[2014/08/09 22:04:24 | 005,575,792 | ---- | M] () -- C:\Users\ThinkPad\Desktop\Unsane1.wav
[2014/08/08 19:27:52 | 012,880,872 | ---- | M] () -- C:\Users\ThinkPad\Desktop\NUEX - Unsane- preview.mp3
[2014/08/06 19:57:05 | 000,001,926 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/08/06 19:56:54 | 000,427,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/08/06 19:54:51 | 001,041,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/08/06 19:54:51 | 000,307,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/08/06 19:54:51 | 000,224,896 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/08/06 19:54:51 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/08/06 19:54:51 | 000,092,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/08/06 19:54:51 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/08/06 19:54:51 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/08/06 19:54:51 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/08/06 19:54:50 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/08/06 18:09:25 | 000,001,033 | ---- | M] () -- C:\Users\ThinkPad\Desktop\MixMeister BPM Analyzer.lnk
[2014/08/06 13:38:26 | 000,426,848 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys.1407325123586
[2014/08/06 12:58:54 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/08/06 12:58:54 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/08/06 12:58:54 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/08/06 12:58:54 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/08/06 12:05:00 | 000,001,260 | ---- | M] () -- C:\Users\ThinkPad\Desktop\Spesoft Text To MP3 Speaker.lnk
[2014/08/01 15:07:24 | 000,007,619 | ---- | M] () -- C:\Users\ThinkPad\AppData\Local\Resmon.ResmonCfg
[2014/07/23 17:55:37 | 000,418,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/13 21:16:24 | 000,002,523 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

========== Files Created - No Company Name ==========

[2014/08/10 14:28:01 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/08/09 22:04:18 | 005,575,792 | ---- | C] () -- C:\Users\ThinkPad\Desktop\Unsane1.wav
[2014/08/09 18:55:34 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/08/09 18:55:34 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/08/09 18:55:34 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/08/09 18:55:34 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/08/09 18:55:34 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/08/08 19:11:41 | 012,880,872 | ---- | C] () -- C:\Users\ThinkPad\Desktop\NUEX - Unsane- preview.mp3
[2014/08/06 19:57:05 | 000,001,926 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/08/06 19:54:53 | 000,224,896 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/08/06 19:54:53 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/08/06 19:54:53 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/08/06 18:09:25 | 000,001,033 | ---- | C] () -- C:\Users\ThinkPad\Desktop\MixMeister BPM Analyzer.lnk
[2014/08/06 12:05:00 | 000,001,260 | ---- | C] () -- C:\Users\ThinkPad\Desktop\Spesoft Text To MP3 Speaker.lnk
[2014/08/01 15:07:24 | 000,007,619 | ---- | C] () -- C:\Users\ThinkPad\AppData\Local\Resmon.ResmonCfg
[2014/07/21 05:52:31 | 000,001,988 | ---- | C] () -- C:\Windows\vm331Rmv.ini
[2014/07/21 05:52:31 | 000,001,988 | ---- | C] () -- C:\Windows\SysWow64\vm331Rmv.ini
[2014/07/21 05:52:31 | 000,000,356 | ---- | C] () -- C:\Windows\System\vm331avs.rsf
[2014/07/13 21:16:24 | 000,002,523 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/07/07 19:01:30 | 000,001,536 | ---- | C] () -- C:\Users\ThinkPad\PaceKeyChain
[2014/04/04 12:39:36 | 000,017,408 | ---- | C] () -- C:\Windows\SysWow64\minimp3.exe
[2014/02/05 00:45:29 | 006,475,776 | ---- | C] () -- C:\Windows\SysWow64\PSP VintageWarmer2.dll
[2014/02/03 18:38:33 | 000,950,000 | ---- | C] () -- C:\Windows\SH1001YAPA.dat
[2014/02/02 15:00:43 | 000,003,584 | ---- | C] () -- C:\Users\ThinkPad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/02/02 11:38:31 | 000,000,218 | ---- | C] () -- C:\Users\ThinkPad\AppData\Local\recently-used.xbel
[2014/01/28 16:04:38 | 000,765,700 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/01/28 13:22:40 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/01/28 13:17:43 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2014/01/28 13:17:40 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/01/28 13:17:39 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/07/16 09:49:08 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2014/07/16 09:49:08 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2014/08/06 20:02:57 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\AVAST Software
[2014/07/09 12:50:00 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\AVG
[2014/02/02 11:39:29 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\BitLord
[2014/02/25 15:21:24 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\BSplayer PRO
[2014/05/28 23:17:29 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\DAEMON Tools Lite
[2014/05/07 18:13:39 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\FabFilter
[2014/07/17 18:10:33 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\Flux
[2014/02/03 19:38:17 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\FXpansion
[2014/01/28 12:36:51 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\GHISLER
[2014/02/03 19:39:16 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\Image-Line
[2014/02/13 21:40:54 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\iZotope
[2014/02/05 23:57:04 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\KORG
[2014/06/10 13:44:39 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\Opera Software
[2014/04/29 09:56:03 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\Oracle
[2014/01/29 08:04:32 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\PwrMgr
[2014/02/02 11:30:39 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\Python-Eggs
[2014/07/08 15:56:52 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\Sample Magic
[2014/08/09 22:06:25 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\Spesoft Text To MP3
[2014/03/28 10:31:21 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014/01/30 16:39:19 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\Steinberg
[2014/04/02 10:26:35 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\Trillian
[2014/07/09 12:36:56 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\TuneUp Software
[2014/08/07 23:59:05 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\uTorrent
[2014/02/05 18:47:37 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\VST3 Presets
[2014/02/03 19:38:48 | 000,000,000 | ---D | M] -- C:\Users\ThinkPad\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,232 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014/01/29 07:29:30 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/01/29 07:59:56 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014/06/21 18:26:19 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8d6d88815135.job

< >

< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010/11/21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013/05/10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013/05/13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013/07/09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2013/10/05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013/05/10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2010/11/21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013/05/10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013/05/13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013/10/05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2012/06/12 16:40:30 | 000,568,640 | ---- | M] (Intel Corporation) MD5=88D26E2881646FAD2B2114CF8C75FC3C -- C:\Windows\SysNative\drivers\iaStor.sys
[2012/06/12 16:40:30 | 000,568,640 | ---- | M] (Intel Corporation) MD5=88D26E2881646FAD2B2114CF8C75FC3C -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_83def68c679d7974\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2014/05/30 10:00:12 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=04F6C08B30C599D301CE8530A6F6A703 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22705_none_0505e8508c7f766f\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\erdnt\cache64\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\SysNative\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2013/09/25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2012/08/24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012/06/04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2013/09/25 03:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe
[2014/05/30 10:07:57 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=F23812F9F7B130854E4BC0389F7C688C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18489_none_0429c981739f213b\lsass.exe

VIRY.CZ

Poprosim o kontrolu .

Poprosim o kontrolu .

Re: Poprosim o kontrolu .

Re: Poprosim o kontrolu .

Re: Poprosim o kontrolu .

Re: Poprosim o kontrolu .

Re: Poprosim o kontrolu .

Re: Poprosim o kontrolu .

Re: Poprosim o kontrolu .

Re: Poprosim o kontrolu .

Re: Poprosim o kontrolu .

Re: Poprosim o kontrolu .

Re: Poprosim o kontrolu .

Re: Poprosim o kontrolu .

Re: Poprosim o kontrolu .

Re: Poprosim o kontrolu .