
Preventive check


#1 Post by jefty »

Hi,
my girlfriend's notebook had a problem with "delta-homes". I cleaned the PC with AdwCleaner, Junkware Removal Tool and zoek.exe, and then scanned it with Malwarebytes Anti-Malware. It should be completely clean now, but I'd like to ask for a preventive check.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2014-12-26 22:31:57
Microsoft Windows 8.1
System drive C: has 339 GB (78%) free of 434 GB
Total RAM: 4019 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:32:23, on 26.12.2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lenka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{5CEB355F-DB08-46C0-AFA6-A9F624318B13}: NameServer = 213.151.222.34 85.237.225.250
O17 - HKLM\System\CCS\Services\Tcpip\..\{FB2D3DE5-D944-4258-9AFE-EA5741580FD5}: NameServer = 213.151.222.34 85.237.225.250
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
O23 - Service: VisualDiscovery - Superfish, Inc. - C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 9638 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\WLANExt.exe 4297853840
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {c55287e5-3d1c-432b-b5f4c0afe4d63f72}
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/Mobile Partner/UpdateDog/"
"C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe"
"C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe"

"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5041dde0-51c1-415c-b251-ede4c47d8e61 -SystemEventPortName:HostProcess-de70dbdb-099c-490b-907f-c21a55969eaa -IoCancelEventPortName:HostProcess-16b98962-9da9-4a8f-8ba5-91a65136f527 -NonStateChangingEventPortName:HostProcess-60f0f0b4-6dcd-4699-9fcf-c14d3d5ad773 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:171e58ee-d72a-4f25-8584-8152142b31bb -DeviceGroupId:WudfDefaultDevicePool
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe

C:\windows\Explorer.EXE
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\ProgramData\DatacardService\DCSHelper.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Windows\RTFTrack.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1152.0.959611026\1989948960" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3379 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableHUPScoringExperiment_Control/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.5 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1152.9.1684303290\2132953362" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableHUPScoringExperiment_Control/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.5 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1152.10.1837919754\1360745530" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableHUPScoringExperiment_Control/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.5 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1152.11.1835883354\962460814" /prefetch:673131151
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 556 560 568 65536 564
"C:\Users\Lenka\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bofe02cu.default

prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll


C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bofe02cu.default\extensions\
detgdp@gmail.com

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2013-12-24 391128]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2013-12-24 771544]
"Persistence"=C:\windows\system32\igfxpers.exe [2013-12-24 770520]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-09-19 7818040]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-04 13651672]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-31 1321688]
"RtsFT"=C:\windows\RTFTrack.exe [2013-10-19 6340312]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-08-18 15813616]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-08-18 80880]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ISCTSystray.lnk - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2013-12-24 624640]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VisualDiscovery]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-26 22:31:57 ----D---- C:\rsit
2014-12-26 22:31:57 ----D---- C:\Program Files\trend micro
2014-12-26 21:49:34 ----SHD---- C:\$RECYCLE.BIN
2014-12-26 21:47:08 ----D---- C:\windows\Temp
2014-12-26 21:35:37 ----D---- C:\zoek_backup
2014-12-26 21:17:08 ----D---- C:\windows\ERUNT
2014-12-26 20:52:45 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-26 20:52:20 ----A---- C:\windows\system32\drivers\mwac.sys
2014-12-26 20:52:20 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2014-12-26 20:52:19 ----D---- C:\ProgramData\Malwarebytes
2014-12-26 20:52:19 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-26 20:52:19 ----A---- C:\windows\system32\drivers\mbam.sys
2014-12-26 15:47:57 ----A---- C:\autoexec.bat
2014-12-21 13:48:01 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-12-11 23:26:49 ----A---- C:\windows\SYSWOW64\DeviceSetupStatusProvider.dll
2014-12-11 23:26:49 ----A---- C:\windows\system32\DeviceSetupStatusProvider.dll
2014-12-11 23:26:46 ----A---- C:\windows\SYSWOW64\MrmCoreR.dll
2014-12-11 23:26:46 ----A---- C:\windows\system32\MrmCoreR.dll
2014-12-11 23:26:42 ----A---- C:\windows\system32\crypt32.dll
2014-12-11 23:26:41 ----A---- C:\windows\SYSWOW64\crypt32.dll
2014-12-11 17:08:21 ----AC---- C:\windows\system32\drivers\sdbus.sys
2014-12-11 17:08:21 ----AC---- C:\windows\system32\drivers\intelpep.sys
2014-12-11 17:08:21 ----AC---- C:\windows\system32\drivers\dumpsd.sys
2014-12-11 17:08:21 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2014-12-11 17:08:21 ----A---- C:\windows\system32\WindowsCodecs.dll
2014-12-11 17:08:21 ----A---- C:\windows\system32\drivers\pdc.sys
2014-12-11 17:08:17 ----A---- C:\windows\system32\poqexec.exe
2014-12-11 17:08:16 ----A---- C:\windows\SYSWOW64\poqexec.exe
2014-12-11 17:08:13 ----A---- C:\windows\system32\mshtml.dll
2014-12-11 17:08:12 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-12-11 17:08:09 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-12-11 17:08:09 ----A---- C:\windows\system32\ieframe.dll
2014-12-11 17:08:08 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-12-11 17:08:08 ----A---- C:\windows\system32\wininet.dll
2014-12-11 17:08:08 ----A---- C:\windows\system32\urlmon.dll
2014-12-11 17:08:08 ----A---- C:\windows\system32\jscript9.dll
2014-12-11 17:08:08 ----A---- C:\windows\system32\iertutil.dll
2014-12-11 17:08:07 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-12-11 17:08:07 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-12-11 17:08:07 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-12-11 17:08:06 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-12-11 17:08:06 ----A---- C:\windows\system32\ieapfltr.dll
2014-12-11 17:08:05 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-12-11 17:08:05 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-12-11 17:08:05 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-12-11 17:08:05 ----A---- C:\windows\system32\vbscript.dll
2014-12-11 17:08:05 ----A---- C:\windows\system32\msfeeds.dll
2014-12-11 17:08:05 ----A---- C:\windows\system32\iepeers.dll
2014-12-11 17:08:05 ----A---- C:\windows\system32\iedkcs32.dll
2014-12-11 17:08:05 ----A---- C:\windows\system32\ie4uinit.exe
2014-12-11 17:08:04 ----A---- C:\windows\SYSWOW64\webcheck.dll
2014-12-11 17:08:04 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-12-11 17:08:04 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-12-11 17:08:04 ----A---- C:\windows\SYSWOW64\jscript.dll
2014-12-11 17:08:04 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2014-12-11 17:08:04 ----A---- C:\windows\SYSWOW64\iepeers.dll
2014-12-11 17:08:04 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-12-11 17:08:04 ----A---- C:\windows\system32\webcheck.dll
2014-12-11 17:08:04 ----A---- C:\windows\system32\mshtmled.dll
2014-12-11 17:08:04 ----A---- C:\windows\system32\MshtmlDac.dll
2014-12-11 17:08:04 ----A---- C:\windows\system32\jscript.dll
2014-12-11 17:08:04 ----A---- C:\windows\system32\inetcomm.dll
2014-12-11 17:08:04 ----A---- C:\windows\system32\dxtrans.dll
2014-12-08 17:29:51 ----D---- C:\Program Files (x86)\Portal
2014-12-08 17:28:06 ----D---- C:\Program Files (x86)\Portal.1
2014-11-28 12:47:19 ----D---- C:\Users\Lenka\AppData\Roaming\GHISLER
2014-11-28 12:47:19 ----D---- C:\totalcmd
2014-11-28 12:47:19 ----A---- C:\windows\UC.PIF
2014-11-28 12:47:19 ----A---- C:\windows\RAR.PIF
2014-11-28 12:47:19 ----A---- C:\windows\PKZIP.PIF
2014-11-28 12:47:19 ----A---- C:\windows\PKUNZIP.PIF
2014-11-28 12:47:19 ----A---- C:\windows\LHA.PIF
2014-11-28 12:47:19 ----A---- C:\windows\ARJ.PIF

======List of files/folders modified in the last 1 month======

2014-12-26 22:32:04 ----D---- C:\windows\Prefetch
2014-12-26 22:31:57 ----RD---- C:\Program Files
2014-12-26 22:24:03 ----SHD---- C:\windows\Installer
2014-12-26 22:23:08 ----D---- C:\windows\SysWOW64
2014-12-26 22:23:08 ----AD---- C:\Windows
2014-12-26 22:21:44 ----RD---- C:\Program Files (x86)
2014-12-26 22:21:31 ----D---- C:\Program Files (x86)\Google
2014-12-26 22:19:59 ----D---- C:\windows\Tasks
2014-12-26 22:19:59 ----D---- C:\windows\system32\Tasks
2014-12-26 22:00:07 ----D---- C:\windows\system32\sru
2014-12-26 21:49:06 ----A---- C:\windows\SYSWOW64\VisualDiscoveryOff.ini
2014-12-26 21:49:06 ----A---- C:\windows\SYSWOW64\VisualDiscovery.ini
2014-12-26 21:49:06 ----A---- C:\windows\system32\VisualDiscoveryOff.ini
2014-12-26 21:45:29 ----HD---- C:\ProgramData
2014-12-26 21:36:48 ----D---- C:\windows\system32\drivers\etc
2014-12-26 21:28:00 ----D---- C:\windows\Inf
2014-12-26 21:24:25 ----D---- C:\windows\Microsoft.NET
2014-12-26 21:24:16 ----RD---- C:\windows\assembly
2014-12-26 21:24:16 ----D---- C:\ProgramData\Microsoft Help
2014-12-26 21:24:11 ----D---- C:\Program Files\Common Files\microsoft shared
2014-12-26 21:24:11 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-12-26 21:24:04 ----RSD---- C:\windows\Fonts
2014-12-26 21:24:04 ----D---- C:\Program Files\Microsoft Office
2014-12-26 21:23:52 ----D---- C:\Program Files\Common Files
2014-12-26 21:23:52 ----AD---- C:\windows\System32
2014-12-26 21:23:50 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-12-26 21:22:43 ----D---- C:\windows\ShellNew
2014-12-26 20:52:45 ----D---- C:\windows\system32\drivers
2014-12-26 20:49:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-26 17:49:26 ----SHD---- C:\System Volume Information
2014-12-26 15:31:13 ----D---- C:\windows\Logs
2014-12-25 11:58:27 ----D---- C:\windows\system32\NDF
2014-12-24 11:58:13 ----D---- C:\windows\system32\config
2014-12-23 18:56:19 ----D---- C:\windows\WinSxS
2014-12-23 18:53:40 ----D---- C:\windows\system32\catroot2
2014-12-22 10:38:37 ----D---- C:\windows\AppReadiness
2014-12-21 17:40:29 ----D---- C:\Users\Lenka\AppData\Roaming\vlc
2014-12-21 15:43:09 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-12-18 16:16:57 ----HD---- C:\Program Files\WindowsApps
2014-12-18 11:36:51 ----D---- C:\windows\CbsTemp
2014-12-14 10:41:10 ----D---- C:\windows\rescache
2014-12-12 20:07:25 ----D---- C:\windows\SYSWOW64\sk-SK
2014-12-12 20:07:25 ----D---- C:\windows\SYSWOW64\en-US
2014-12-12 20:07:25 ----D---- C:\windows\system32\sk-SK
2014-12-12 20:07:25 ----D---- C:\windows\system32\en-US
2014-12-12 20:07:21 ----D---- C:\windows\system32\sr-Latn-RS
2014-12-12 20:07:21 ----D---- C:\windows\system32\sr-Latn-CS
2014-12-12 15:41:41 ----D---- C:\windows\system32\DriverStore
2014-12-12 15:22:05 ----D---- C:\windows\system32\wdi
2014-12-12 15:17:52 ----D---- C:\windows\PolicyDefinitions
2014-12-12 15:17:52 ----D---- C:\Program Files\Internet Explorer
2014-12-12 15:17:52 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-12 15:17:47 ----D---- C:\windows\system32\MRT
2014-12-12 15:14:20 ----A---- C:\windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2013-08-22 644968]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 VDWFP;VDWFP; \??\C:\windows\system32\Drivers\VDWFP64.sys [2014-05-12 39800]
R3 ACPIVPC;@oem69.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-08-18 35600]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2013-09-06 1390904]
R3 dtsoftbus01;@oem71.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\windows\System32\drivers\dtsoftbus01.sys [2014-10-24 283064]
R3 huawei_enumerator;huawei_enumerator; C:\windows\System32\drivers\ew_jubusenum.sys [2013-03-04 91648]
R3 ibtusb;@oem16.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter; C:\windows\system32\DRIVERS\ibtusb.sys [2013-09-19 118728]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2013-12-24 4216320]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\windows\system32\DRIVERS\ikbevent.sys [2013-08-14 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\windows\system32\DRIVERS\imsevent.sys [2013-08-14 21920]
R3 INETMON;INETMON; \??\C:\windows\System32\Drivers\INETMON.sys [2013-08-14 29088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2013-09-04 3630168]
R3 ISCT;@oem67.inf,%ISCT.DeviceDesc%;Intel(R) Smart Connect Technology Device Driver; C:\windows\System32\drivers\ISCTD64.sys [2013-08-14 46568]
R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2013-12-15 27032]
R3 MEIx64;@oem10.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 NETwNb64;@oem11.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2014-03-13 3434464]
R3 RTL8168;@oem19.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-06-22 816344]
R3 rtsuvc;@oem58.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2013-10-19 8876248]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-15 34544]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-08-15 527600]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 btmaux;@oem15.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2013-07-23 140600]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 109568]
S3 ew_usbenumfilter;@oem73.inf,%busupper.SVCDESC%;huawei_CompositeFilter; C:\windows\System32\drivers\ew_usbenumfilter.sys [2012-12-22 14976]
S3 hwusb_cdcacm;hwusb_cdcacm; C:\windows\system32\DRIVERS\ew_cdcacm.sys [2013-10-23 121728]
S3 hwusb_wwanecm;hwusb_wwanecm; C:\windows\system32\DRIVERS\ew_wwanecm.sys [2013-11-01 376448]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2013-12-15 39320]
S3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2013-12-19 450520]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2014-03-18 167424]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-08-26 1137016]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-08-26 1157496]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-18 632048]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2013-10-28 351824]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-22 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-04 131544]
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-09-19 157128]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-12-04 200168]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-11-21 584960]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-08-18 198192]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2013-08-08 161072]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-18 154864]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-25 390632]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [2014-08-18 68368]
R2 VisualDiscovery;VisualDiscovery; C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe [2014-06-21 1354296]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26 107912]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2013-10-26 651856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2013-12-24 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26 107912]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-06-03 533760]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-21 114800]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-18 284912]
S4 PG_Service_Launcher;##ID_STRING30##; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2013-08-08 345408]

-----------------EOF-----------------

jefty
Visitor
Posts: 12
Registered: 06 Jun 2013 12:15

Re: Preventive check

#2 Post by jefty »

FRST as well

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-12-2014
Ran by Lenka (administrator) on LENOVO on 26-12-2014 22:36:42
Running from C:\Users\Lenka\Desktop
Loaded Profile: Lenka (Available profiles: Lenka)
Platform: Windows 8.1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Superfish, Inc.) C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-31] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-10-19] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-08-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-08-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [Printsrv] => c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
HKLM-x32\...\Run: [Printsrv] => c:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-01] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2704833255-622856767-2490763620-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2704833255-622856767-2490763620-1001\...\MountPoints2: {128a828d-61b1-11e4-8261-c45444143a7a} - "E:\AutoRun.exe"
HKU\S-1-5-21-2704833255-622856767-2490763620-1001\...\MountPoints2: {128a8348-61b1-11e4-8261-c45444143a7a} - "E:\AutoRun.exe"
HKU\S-1-5-21-2704833255-622856767-2490763620-1001\...\MountPoints2: {dd66f836-6269-11e4-8261-c45444143a7a} - "E:\AutoRun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-2704833255-622856767-2490763620-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-2704833255-622856767-2490763620-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2704833255-622856767-2490763620-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{5CEB355F-DB08-46C0-AFA6-A9F624318B13}: [NameServer] 213.151.222.34 85.237.225.250
Tcpip\..\Interfaces\{FB2D3DE5-D944-4258-9AFE-EA5741580FD5}: [NameServer] 213.151.222.34 85.237.225.250

FireFox:
========
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bofe02cu.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Security Protection - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bofe02cu.default\Extensions\detgdp@gmail.com [2014-12-25]
FF Extension: Nepi Jano! - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bofe02cu.default\Extensions\jid1-ujYo9WP31heSeQ@jetpack.xpi [2014-11-01]
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bofe02cu.default\extensions\detgdp@gmail.com

Chrome:
=======
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-26]
CHR Extension: (Dokumenty Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-26]
CHR Extension: (Disk Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-26]
CHR Extension: (YouTube) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-26]
CHR Extension: (Tabulky Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-26]
CHR Extension: (Peněženka Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-26]
CHR Extension: (Gmail) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-19] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-11-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-18] (Lenovo(beijing) Limited)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [651856 2013-10-26] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [161072 2013-08-08] (PointGrab LTD)
S4 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [345408 2013-08-08] (PointGrab LTD)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-08-18] ()
R2 VisualDiscovery; C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe [1354296 2014-06-21] (Superfish, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-06] (Motorola Solutions, Inc.)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-24] (Disc Soft Ltd)
S3 hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [121728 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys [376448 2013-11-01] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118728 2013-09-19] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-14] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-14] ()
R3 INETMON; C:\windows\System32\Drivers\INETMON.sys [29088 2013-08-14] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-14] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3434464 2014-03-13] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-19] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-15] (Synaptics Incorporated)
R2 VDWFP; C:\windows\system32\Drivers\VDWFP64.sys [39800 2014-05-12] (Superfish, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 22:36 - 2014-12-26 22:37 - 00017044 _____ () C:\Users\Lenka\Desktop\FRST.txt
2014-12-26 22:36 - 2014-12-26 22:36 - 00000000 ____D () C:\FRST
2014-12-26 22:35 - 2014-12-26 22:36 - 02122752 _____ (Farbar) C:\Users\Lenka\Desktop\FRST64.exe
2014-12-26 22:31 - 2014-12-26 22:32 - 00000000 ____D () C:\rsit
2014-12-26 22:31 - 2014-12-26 22:32 - 00000000 ____D () C:\Program Files\trend micro
2014-12-26 22:30 - 2014-12-26 22:30 - 01222144 _____ () C:\Users\Lenka\Desktop\RSITx64.exe
2014-12-26 22:27 - 2014-12-26 21:49 - 00008643 _____ () C:\zoek-results2014-12-26-204929.log
2014-12-26 22:21 - 2014-12-26 22:21 - 00002286 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-26 22:21 - 2014-12-26 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-26 22:19 - 2014-12-26 22:24 - 00000964 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-26 22:19 - 2014-12-26 22:24 - 00000960 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-26 22:19 - 2014-12-26 22:19 - 00880784 _____ (Google Inc.) C:\Users\Lenka\Downloads\ChromeSetup.exe
2014-12-26 22:19 - 2014-12-26 22:19 - 00003936 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-26 22:19 - 2014-12-26 22:19 - 00003700 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-26 21:36 - 2014-12-26 22:27 - 00000918 _____ () C:\zoek-results.log
2014-12-26 21:35 - 2014-12-26 21:44 - 00000000 ____D () C:\zoek_backup
2014-12-26 21:32 - 2014-12-26 21:33 - 01295360 _____ () C:\Users\Lenka\Downloads\zoek.exe
2014-12-26 21:17 - 2014-12-26 21:17 - 00000000 ____D () C:\windows\ERUNT
2014-12-26 21:15 - 2014-12-26 21:16 - 01707646 _____ (Thisisu) C:\Users\Lenka\Downloads\JRT.exe
2014-12-26 20:52 - 2014-12-26 21:52 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-26 20:52 - 2014-12-26 20:52 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-26 20:52 - 2014-12-26 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-26 20:52 - 2014-12-26 20:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-26 20:52 - 2014-12-26 20:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-26 20:52 - 2014-11-21 06:23 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-12-26 20:52 - 2014-11-21 06:23 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-12-26 20:52 - 2014-11-21 06:23 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-12-26 20:42 - 2014-12-26 20:44 - 20447176 _____ (Malwarebytes Corporation ) C:\Users\Lenka\Downloads\mbam-setup.exe
2014-12-26 15:47 - 2014-12-26 15:47 - 00000000 _____ () C:\autoexec.bat
2014-12-26 15:38 - 2014-12-26 15:38 - 00000000 ____D () C:\Users\Lenka\AppData\Local\Intel_Corporation
2014-12-26 15:36 - 2014-12-26 15:36 - 00000000 __SHD () C:\Users\Lenka\AppData\Local\EmieBrowserModeList
2014-12-25 23:51 - 2014-12-25 23:51 - 00003886 _____ () C:\windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-21 14:16 - 2014-12-21 15:39 - 734093312 _____ () C:\Users\Lenka\Downloads\Svéraz-národního-rybolovu.avi
2014-12-21 13:48 - 2014-12-21 13:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-19 21:36 - 2014-12-21 10:44 - 00000000 ____D () C:\Users\Lenka\Desktop\fb
2014-12-15 21:21 - 2014-12-15 21:33 - 181387264 _____ () C:\Users\Lenka\Downloads\big-bang-theory-s08e11-cz-titulky.avi
2014-12-15 20:18 - 2014-12-15 20:46 - 00298393 _____ () C:\Users\Lenka\Downloads\cvicenie10_vyprac (1).xlsx
2014-12-15 20:08 - 2014-12-15 20:08 - 00027984 _____ () C:\Users\Lenka\Downloads\n_linear_rovnic_s_n_neznam_Cramerovo_p_stud.xlsx
2014-12-14 19:44 - 2014-12-14 20:26 - 361967616 _____ () C:\Users\Lenka\Downloads\Upíří-deníky-(The-Vampire-Diaries)-6x10-CZ-titulky.avi
2014-12-14 15:34 - 2014-12-14 15:34 - 00298279 _____ () C:\Users\Lenka\Downloads\cvicenie10_vyprac.xlsx
2014-12-14 15:05 - 2014-12-14 15:29 - 00010463 _____ () C:\Users\Lenka\Documents\cvicenie inf na zapocet.xlsx
2014-12-11 23:35 - 2014-12-11 23:56 - 364904448 _____ () C:\Users\Lenka\Downloads\The-Originals-2x09-CZ-titulky.avi
2014-12-11 23:26 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupStatusProvider.dll
2014-12-11 23:26 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 23:26 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2014-12-11 23:26 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\windows\SysWOW64\MrmCoreR.dll
2014-12-11 23:26 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-12-11 23:26 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-12-11 17:08 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-11 17:08 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-12-11 17:08 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-11 17:08 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-12-11 17:08 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-12-11 17:08 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-12-11 17:08 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-11 17:08 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-12-11 17:08 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-11 17:08 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-12-11 17:08 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2014-12-11 17:08 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-12-11 17:08 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-11 17:08 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-12-11 17:08 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-12-11 17:08 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2014-12-11 17:08 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-12-11 17:08 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-12-11 17:08 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-11 17:08 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-11 17:08 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-11 17:08 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-11 17:08 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-11 17:08 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-12-11 17:08 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2014-12-11 17:08 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-12-11 17:08 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-12-11 17:08 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2014-12-11 17:08 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-11 17:08 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2014-12-11 17:08 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-12-11 17:08 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-12-11 17:08 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-12-11 17:08 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-11 17:08 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-12-11 17:08 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-12-11 17:08 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-12-11 17:08 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-12-11 17:08 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-12-11 17:08 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-12-11 17:08 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-12-11 17:08 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2014-12-11 17:08 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2014-12-11 17:08 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2014-12-11 17:08 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2014-12-11 17:08 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2014-12-11 17:08 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\windows\system32\Drivers\intelpep.sys
2014-12-09 17:54 - 2014-12-09 17:54 - 00135713 _____ () C:\Users\Lenka\Downloads\PH Odpisy 2015 (1).xlsx
2014-12-08 17:36 - 2014-12-08 17:36 - 00001058 _____ () C:\Users\Lenka\Desktop\Portal.lnk
2014-12-08 17:36 - 2014-12-08 17:36 - 00000000 ____D () C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portal
2014-12-08 17:36 - 2014-12-08 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portal
2014-12-08 17:29 - 2014-12-08 17:58 - 365942784 _____ () C:\Users\Lenka\Downloads\Bones-S10E09---cz-tit..avi
2014-12-08 17:29 - 2014-12-08 17:36 - 00000000 ____D () C:\Program Files (x86)\Portal
2014-12-08 17:28 - 2014-12-08 17:28 - 00000000 ____D () C:\Program Files (x86)\Portal.1
2014-12-06 21:32 - 2014-12-06 21:54 - 364822528 _____ () C:\Users\Lenka\Downloads\Upíří-deníky-(The-Vampire-Diaries)-6x09-CZ-titulky.avi
2014-12-03 22:07 - 2014-12-03 22:07 - 00010442 _____ () C:\Users\Lenka\Downloads\et.xlsx
2014-11-28 19:08 - 2014-11-28 19:28 - 364898304 _____ () C:\Users\Lenka\Downloads\Bones-S10E08---cz-tit..avi
2014-11-28 14:34 - 2014-11-28 14:35 - 136726553 _____ () C:\Users\Lenka\Downloads\slovakia.osm.pbf
2014-11-28 13:49 - 2014-11-28 13:59 - 96214794 _____ () C:\Users\Lenka\Downloads\mapa-slovenska-2014-android-locus.zip
2014-11-28 12:47 - 2014-11-28 12:47 - 00000651 _____ () C:\Users\Lenka\Desktop\Total Commander.lnk
2014-11-28 12:47 - 2014-11-28 12:47 - 00000000 ____D () C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-11-28 12:47 - 2014-11-28 12:47 - 00000000 ____D () C:\Users\Lenka\AppData\Roaming\GHISLER
2014-11-28 12:47 - 2014-11-28 12:47 - 00000000 ____D () C:\totalcmd
2014-11-28 12:47 - 2014-04-23 08:51 - 00000545 _____ () C:\windows\UC.PIF
2014-11-28 12:47 - 2014-04-23 08:51 - 00000545 _____ () C:\windows\RAR.PIF
2014-11-28 12:47 - 2014-04-23 08:51 - 00000545 _____ () C:\windows\PKZIP.PIF
2014-11-28 12:47 - 2014-04-23 08:51 - 00000545 _____ () C:\windows\PKUNZIP.PIF
2014-11-28 12:47 - 2014-04-23 08:51 - 00000545 _____ () C:\windows\LHA.PIF
2014-11-28 12:47 - 2014-04-23 08:51 - 00000545 _____ () C:\windows\ARJ.PIF
2014-11-28 12:46 - 2014-11-28 12:46 - 03722264 _____ (Ghisler Software GmbH) C:\Users\Lenka\Downloads\tcm851x32.exe
2014-11-28 12:46 - 2014-11-28 12:46 - 00733352 _____ () C:\Users\Lenka\Downloads\windowscommander-lista-centrumcz.exe
2014-11-28 12:46 - 2014-11-28 12:46 - 00384529 _____ () C:\Users\Lenka\Downloads\Lista_centrum.exe
2014-11-27 18:53 - 2014-11-27 19:14 - 355465216 _____ () C:\Users\Lenka\Downloads\The-Originals-2x08-CZ-titulky.avi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 22:37 - 2014-08-17 22:41 - 01248741 _____ () C:\windows\WindowsUpdate.log
2014-12-26 22:26 - 2014-10-24 02:55 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2704833255-622856767-2490763620-1001
2014-12-26 22:21 - 2014-10-24 03:22 - 00000000 ____D () C:\Users\Lenka\AppData\Local\Google
2014-12-26 22:21 - 2014-10-24 03:22 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-26 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\sru
2014-12-26 21:49 - 2014-10-24 03:38 - 00000000 ___DO () C:\Users\Lenka\OneDrive
2014-12-26 21:49 - 2014-08-18 00:01 - 00010016 _____ () C:\windows\SysWOW64\VisualDiscovery.ini
2014-12-26 21:49 - 2014-08-18 00:01 - 00004960 _____ () C:\windows\SysWOW64\VisualDiscoveryOff.ini
2014-12-26 21:49 - 2014-08-18 00:01 - 00004960 _____ () C:\windows\system32\VisualDiscoveryOff.ini
2014-12-26 21:49 - 2013-08-22 15:46 - 00029477 _____ () C:\windows\setupact.log
2014-12-26 21:49 - 2013-08-22 15:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-26 21:48 - 2014-03-18 10:44 - 00014566 _____ () C:\windows\PFRO.log
2014-12-26 21:48 - 2013-08-22 15:44 - 00411824 _____ () C:\windows\system32\FNTCACHE.DAT
2014-12-26 21:47 - 2014-08-18 00:01 - 00002560 _____ () C:\windows\system32\VfService.trf
2014-12-26 21:24 - 2014-10-27 19:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-26 21:24 - 2014-10-27 19:40 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-12-26 21:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-26 21:22 - 2014-03-18 10:38 - 00000000 ____D () C:\windows\ShellNew
2014-12-26 21:08 - 2014-11-01 14:44 - 00001084 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-26 21:08 - 2014-10-24 02:50 - 00001010 _____ () C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-26 21:08 - 2013-08-22 14:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-12-26 20:49 - 2014-11-01 14:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-26 15:47 - 2014-10-24 02:48 - 00000000 ____D () C:\Users\Lenka
2014-12-25 11:58 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\NDF
2014-12-22 10:38 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\AppReadiness
2014-12-21 17:40 - 2014-10-25 11:33 - 00000000 ____D () C:\Users\Lenka\AppData\Roaming\vlc
2014-12-21 15:43 - 2014-03-18 10:53 - 00865408 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-21 12:40 - 2014-10-24 02:49 - 00000000 ____D () C:\Users\Lenka\AppData\Local\Packages
2014-12-19 20:03 - 2014-08-17 23:54 - 00000000 ____D () C:\windows\System32\Tasks\Lenovo
2014-12-18 11:36 - 2013-08-22 16:20 - 00000000 ____D () C:\windows\CbsTemp
2014-12-14 21:39 - 2014-10-24 03:38 - 00000000 ____D () C:\Users\Lenka\AppData\Local\CrashDumps
2014-12-14 10:41 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\rescache
2014-12-12 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\SysWOW64\sk-SK
2014-12-12 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\sr-Latn-RS
2014-12-12 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\sr-Latn-CS
2014-12-12 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\sk-SK
2014-12-12 15:17 - 2014-10-26 23:51 - 00000000 ____D () C:\windows\system32\MRT
2014-12-12 15:17 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-12-12 15:14 - 2014-10-26 23:51 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-12-11 14:21 - 2014-10-24 17:59 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-11-27 21:05 - 2014-10-25 12:26 - 00430080 ___SH () C:\Users\Lenka\Downloads\Thumbs.db
2014-11-26 22:10 - 2013-08-22 16:38 - 00714720 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 22:10 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-24 11:54

==================== End Of Log ============================

jefty
Visitor
Posts: 12
Registered: 06 Jun 2013 12:15

Re: preventive check

#3 Post by jefty »

Once you confirm that everything is OK, I'll also clean up with T-Cleaner and CCleaner and run a defrag with Defraggler.

Márty84
VIP
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: preventive check

#4 Post by Márty84 »

Hello :)

Next time, post just one log and don't reply to yourself; otherwise the topic may get overlooked, because it looks as if someone is already handling it.

Also, because the removal tools were run first and the RSIT and FRST logs were created only afterwards, any traces of infection have been deleted and the logs look relatively fine. Again, advice for any future visit: always post a log from RSIT or FRST first. Cleaning comes only afterwards, based on what the logs show.


:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [Printsrv] => c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
HKLM-x32\...\Run: [Printsrv] => c:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-01] ()
HKU\S-1-5-21-2704833255-622856767-2490763620-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)

FF Extension: Security Protection - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bofe02cu.default\Extensions\detgdp@gmail.com [2014-12-25]

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26 107912]

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File.
Click Save As...
Type the name shown in red, fixlist, correctly and save it to the desktop.
Turn off your antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have been waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

jefty
Visitor
Posts: 12
Registered: 06 Jun 2013 12:15

Re: preventive check

#5 Post by jefty »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2014
Ran by Lenka at 2014-12-28 22:59:10 Run:1
Running from C:\Users\Lenka\Desktop
Loaded Profile: Lenka (Available profiles: Lenka)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [Printsrv] => c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
HKLM-x32\...\Run: [Printsrv] => c:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-01] ()
HKU\S-1-5-21-2704833255-622856767-2490763620-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)

FF Extension: Security Protection - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bofe02cu.default\Extensions\detgdp@gmail.com [2014-12-25]

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26 107912]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Printsrv => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Printsrv => value deleted successfully.
HKU\S-1-5-21-2704833255-622856767-2490763620-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bofe02cu.default\Extensions\detgdp@gmail.com => Moved successfully.
C:\windows\tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
AdobeARMservice => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
gupdatem => Service deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 486.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog 22:59:50 ====
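
A way to check a fixlog like the one above, as an added example that is not part of the thread and not FRST's own code: it pairs every fixlist entry with its result line and flags entries that have none. The sample is abridged from that fixlog with the SkypeUpdate result line removed on purpose; the function names and the directive-to-result mapping are assumptions drawn only from the lines visible in this thread.

```python
import re

# Constructed sample: abridged from the fixlog above, with the SkypeUpdate
# result line deliberately left out so that the audit has something to flag.
SAMPLE_FIXLOG = r"""Content of fixlist:
*****************
Start
CreateRestorePoint:
HKLM\...\Run: [Printsrv] => c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
HKLM-x32\...\Run: [Printsrv] => c:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-01] ()
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
Hosts:
Reboot:
End
*****************

Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Printsrv => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Printsrv => value deleted successfully.
C:\windows\tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
AdobeARMservice => Service deleted successfully.
Hosts was reset successfully.
"""

# Assumed mapping, taken from the result lines visible in this thread only.
DIRECTIVES = {"CloseProcesses:": "Processes closed", "CreateRestorePoint:": "Restore point",
              "Hosts:": "Hosts was reset", "EmptyTemp:": "EmptyTemp:"}
RUN_RE = re.compile(r"^HK.*?\\Run: \[(?P<name>[^\]]+)\]")
SVC_RE = re.compile(r"^[RSU]\d (?P<name>[^;]+);")
PATH_RE = re.compile(r"(?:^|- )([A-Za-z]:\\.+?)(?: \[\d{4}-\d{2}-\d{2}\])?$")

def split_fixlog(text):
    """Return (fixlist entries, result lines) from the text of a fixlog."""
    lines = [ln.strip() for ln in text.splitlines()]
    stars = [i for i, ln in enumerate(lines) if ln and set(ln) == {"*"}]
    if len(stars) < 2:
        raise ValueError("no '*****' delimited fixlist block found")
    entries = [ln for ln in lines[stars[0] + 1:stars[1]] if ln and ln not in ("Start", "End")]
    return entries, [ln for ln in lines[stars[1] + 1:] if ln]

def result_key(entry):
    """(mode, text) the result line must start with or contain; None if unknown."""
    if entry in DIRECTIVES:
        return "start", DIRECTIVES[entry]
    m = RUN_RE.match(entry)
    if m:  # result lines show the value name after a doubled backslash
        return "contain", "\\\\" + m.group("name") + " =>"
    m = SVC_RE.match(entry)
    if m:
        return "start", m.group("name") + " =>"
    m = PATH_RE.search(entry)
    return ("start", m.group(1) + " =>") if m else None

def audit(text):
    """List (entry, status); status is ok, review, missing or unchecked."""
    entries, results = split_fixlog(text)
    used, report = set(), []
    for entry in entries:
        key, status = result_key(entry), "missing"
        if key is None:
            report.append((entry, "unchecked"))
            continue
        needle = key[1].lower()
        for i, line in enumerate(results):
            low = line.lower()
            hit = low.startswith(needle) if key[0] == "start" else needle in low
            if hit and i not in used:  # each result line answers one entry only
                used.add(i)
                status = "ok" if "successfully" in low or "removed" in low else "review"
                break
        report.append((entry, status))
    return report
```

An entry reported as missing or review is one to raise with the helper before moving on to the cleanup tools.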

Márty84
VIP
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: preventive check

#6 Post by Márty84 »

:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remote disinfection tools option ticked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, untick the checkbox.
After launching, you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it ticked, it will always be emptied.
Also, depending on how it is set up, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Find problems; if it finds any, click Fix problems. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has several user accounts, use the program in each of them)

:arrow: Defragment the disk(s) (not SSDs!)
Download the program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation, again watch out for the toolbar and other junk.
After installation, run the program and click Analyze; after the analysis, click Defragment and the program will do its job.

:arrow: Then write how the PC is doing.



18.1. for inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975

Locked