is not a valid Win32 application

Posted: 13 Feb 2015 17:47
by lorenzo
Hello,

I would appreciate some advice: when I launch any installed application, I get the message: "is not a valid Win32 application"

Thank you for any help

Re: is not a valid Win32 application

Posted: 13 Feb 2015 19:21
by Rudy
Hello!
Try running RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=130786 (that one is only copied). If it works, post the log.

Re: is not a valid Win32 application

Posted: 13 Feb 2015 21:41
by lorenzo
Logfile of random's system information tool 1.10 (written by random/random)
Run by lenovo at 2015-02-13 21:33:53
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 198 GB (43%) free of 457 GB
Total RAM: 7889 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:34:05, on 13.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe
C:\Program Files (x86)\Evaer\videochannel.exe
C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\MuralPix\MpAgent.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\XTab\cmdshell.exe
C:\Program Files (x86)\XTab\HPNotify.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\SourceApp\bin\SourceApp.BrowserAdapter.exe
C:\Program Files (x86)\SourceApp\bin\SourceApp.expext.exe
C:\Program Files (x86)\Evaer\evaer.exe
C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera_crashreporter.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files\trend micro\lenovo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hppp ... TMBJT8TMBX
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hppp ... TMBJT8TMBX
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hppp ... TMBJT8TMBX
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hppp ... TMBJT8TMBX
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MediaViewV1alpha154 - {502a2550-e62d-4d21-be7f-c770de03780d} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MuralPixAgent] C:\Program Files (x86)\MuralPix\MpAgent.exe /r
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1499.0.0.0\jsdrv.exe
O4 - HKCU\..\Run: [DVSSkypeRecorder] C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe /minimized
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [avichannel] "C:\Program Files (x86)\Evaer\videochannel.exe"
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1499.0.0.0\jsdrv.exe
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\lenovo\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [Copy] "C:\Users\lenovo\AppData\Roaming\Copy\CopyAgent.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Copy] "C:\Users\lenovo\AppData\Roaming\Copy\CopyAgent.exe" (User 'Default user')
O4 - Startup: Dropbox.lnk = lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
O4 - Startup: Wallperizer.lnk = lenovo\Downloads\wallperizer\Wallperizer\Wallperizer.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{71B8ACA2-CCEF-4A83-8405-BB918C22DE1D}: NameServer = 160.218.161.60 194.228.211.33
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHProtect Service - XTab system - C:\Program Files (x86)\XTab\ProtectService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update SourceApp - Unknown owner - C:\Program Files (x86)\SourceApp\updateSourceApp.exe
O23 - Service: Util SourceApp - Unknown owner - C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16188 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-33bb2b2b-d923-470b-a944-ae1009bb0364 -SystemEventPortName:HostProcess-84537079-8d70-45cc-a658-2a73239bd554 -IoCancelEventPortName:HostProcess-2ec3461a-560a-4060-8411-4b9679f31c24 -NonStateChangingEventPortName:HostProcess-9e25420d-f17b-49c3-8d79-37a814036e3a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8d13c8f0-9261-41b3-a76f-3745a3a3e9bb -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 26067552
\??\C:\Windows\system32\conhost.exe "-16245590981634833353-19233924741289413338-954546951-1389691020904042620-2010345500
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe"
"C:\Program Files (x86)\XTab\ProtectService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe" -sSONY_MEDIAMGR
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files (x86)\SourceApp\updateSourceApp.exe"
"C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe"
"C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\alg.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\SourceApp\bin\SourceApp.PurBrowse64.exe" /l false /s false /c "SourceApp" /t "C:\Program Files (x86)\SourceApp\bin\TEMP" /i "http://apisourceappinfo-a.akamaihd.net/ ... 0000000000" /d {baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64 /p 9e5c9068-257d-4c32-8f07-4f7ddc49215a:iexplore /p a86e7991-bfa7-409e-b7ec-69c3b36cbc57:opera /h cdn.sharedaddomain.com,cdn.sharedaddomain2.com 0 10 "C:\Program Files (x86)\SourceApp\bin\bau" true
\??\C:\Windows\system32\conhost.exe "-17658718551340154670-991740015-1380774142-1754862913-1802130987-1907371764-267801584
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {D6008249-3927-4E65-B732-5ED56E97DF07}
"C:\Program Files (x86)\SensePlus\e655f337-8965-4b98-b998-ff318ca1d25b-1-6.exe" /rawdata=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
"taskhost.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
taskeng.exe {077CB00F-D329-421F-A1DB-BC4144CFC6D3}
"C:\Windows\system32\Dwm.exe"
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
C:\Windows\Explorer.EXE
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe" /minimized
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Evaer\videochannel.exe"
"C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
"C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\MuralPix\MpAgent.exe" /r
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\XTab\cmdshell.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
HPNotify.exe -run
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Skype\Phone\Skype.exe"

/ie 9e5c9068-257d-4c32-8f07-4f7ddc49215a /z "n=SourceApp&is=smp1cz&dpt=20"
/ie 9e5c9068-257d-4c32-8f07-4f7ddc49215a /z "n=SourceApp&is=smp1cz&dpt=20"
/ieg 9e5c9068-257d-4c32-8f07-4f7ddc49215a /is smp1cz
"C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Evaer\evaer.exe"
"C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe"
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --ran-launcher http://www.mystartsearch.com/?type=sc&t ... TMBJT8TMBX
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --ran-launcher http://www.mystartsearch.com/?type=sc&t ... TMBJT8TMBX /crash-reporter-parent-id=8320
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=gpu-process --channel="8320.0.603868725\1970194514" --enable-proprietary-media-types-playback --crash-reporter-pid=8328 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,19,40 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2843 --enable-proprietary-media-types-playback --crash-reporter-pid=8328 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.2.679608327\1534008192" /prefetch:673131151
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.3.1767014858\258156662" /prefetch:673131151
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.4.738123513\859506625" /prefetch:673131151
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.7.1038901245\144892242" /prefetch:673131151
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.8.1735043020\697502123" /prefetch:673131151
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.9.2101744664\147531198" /prefetch:673131151
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.10.1969630939\1733340965" /prefetch:673131151
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.12.1572357075\1729725485" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.16.90342285\834474612" /prefetch:673131151
"C:\Users\lenovo\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\e655f337-8965-4b98-b998-ff318ca1d25b-1-6.job - C:\Program Files (x86)\SensePlus\e655f337-8965-4b98-b998-ff318ca1d25b-1-6.exe /rawdata=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
C:\Windows\tasks\e655f337-8965-4b98-b998-ff318ca1d25b-1-7.job - C:\Program Files (x86)\SensePlus\e655f337-8965-4b98-b998-ff318ca1d25b-1-7.exe /rawdata=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
C:\Windows\tasks\e655f337-8965-4b98-b998-ff318ca1d25b-11.job - C:\Program Files (x86)\SensePlus\e655f337-8965-4b98-b998-ff318ca1d25b-11.exe /rawdata=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
C:\Windows\tasks\e655f337-8965-4b98-b998-ff318ca1d25b-5.job - C:\Program Files (x86)\SensePlus\e655f337-8965-4b98-b998-ff318ca1d25b-5.exe /rawdata=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
C:\Windows\tasks\e655f337-8965-4b98-b998-ff318ca1d25b-5_user.job - C:\Program Files (x86)\SensePlus\e655f337-8965-4b98-b998-ff318ca1d25b-5.exe /rawdata=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
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\RIVZ.job - C:\Users\lenovo\AppData\Roaming\RIVZ.exe /infocmdline=

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b615038-e08f-4899-ae15-f5d3b7bb0dc3}]
youtubeadblocker - C:\Program Files (x86)\youtubeadblocker\8i5FNLTQAvZKqz.x64.dll [2015-02-11 703488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-02 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5eb384b-8ee4-4d50-b091-23e44b8b0835}]
UniDeals - C:\Program Files (x86)\UniDeals\4zJLL1GwaPk5A4.x64.dll [2015-02-11 703488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-12-16 725768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{502a2550-e62d-4d21-be7f-c770de03780d}]
Media View

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-05 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-02 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-05 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16 615688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PSQLLauncher"=C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [2013-03-05 86312]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-24 13662936]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-11-05 1361112]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-11-05 1361112]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-11-15 2747680]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-09-03 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-09-03 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-09-03 441152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DVSSkypeRecorder"=C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe [2015-01-28 1053352]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"avichannel"=C:\Program Files (x86)\Evaer\videochannel.exe [2015-02-03 1740776]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1499.0.0.0\jsdrv.exe [2015-02-10 3224576]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"BitTorrent"=C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe [2015-02-07 1442904]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2013-06-17 66560]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-05-30 132920]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31 508144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-04-19 291608]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2008-03-15 233472]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"MuralPixAgent"=C:\Program Files (x86)\MuralPix\MpAgent.exe [2006-12-30 102400]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-02-02 5227112]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1499.0.0.0\jsdrv.exe [2015-02-10 3224576]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
PdaNet Desktop.lnk - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
Wallperizer.lnk - C:\Users\lenovo\Downloads\wallperizer\Wallperizer\Wallperizer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-09-03 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2013-03-05 136488]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.MPG4"=MPG4c32.dll
"vidc.MP42"=MPG4c32.dll
"vidc.MP43"=MPG4c32.dll
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"VIDC.FPS1"=frapsv64.dll
"VIDC.LAGS"=lagarith.dll
"vidc.x264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-02-13 21:33:53 ----D---- C:\rsit
2015-02-13 21:33:53 ----D---- C:\Program Files\trend micro
2015-02-13 14:29:21 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-13 14:29:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-13 14:29:20 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-13 14:29:20 ----A---- C:\Windows\system32\jscript9.dll
2015-02-13 14:29:14 ----A---- C:\Windows\system32\DWrite.dll
2015-02-13 14:29:13 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-02-12 20:28:17 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-02-12 20:28:16 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-12 20:28:15 ----A---- C:\Windows\system32\mstscax.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\wdigest.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\schannel.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\kerberos.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\credssp.dll
2015-02-12 20:27:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-12 20:27:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-12 20:27:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-12 20:27:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-12 20:27:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-12 20:27:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 20:27:58 ----A---- C:\Windows\system32\iernonce.dll
2015-02-12 20:27:58 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-12 20:27:57 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-12 20:27:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-12 20:27:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-12 20:27:57 ----A---- C:\Windows\system32\urlmon.dll
2015-02-12 20:27:57 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-12 20:27:56 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 20:27:56 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-12 20:27:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 20:27:56 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-12 20:27:55 ----A---- C:\Windows\system32\iesetup.dll
2015-02-12 20:27:55 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-12 20:27:54 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-12 20:27:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-12 20:27:54 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-12 20:27:54 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-12 20:27:54 ----A---- C:\Windows\system32\iertutil.dll
2015-02-12 20:27:53 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-12 20:27:53 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-12 20:27:53 ----A---- C:\Windows\system32\ieui.dll
2015-02-12 20:27:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-12 20:27:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-12 20:27:52 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-12 20:27:52 ----A---- C:\Windows\system32\ieframe.dll
2015-02-12 20:27:51 ----A---- C:\Windows\system32\wininet.dll
2015-02-12 20:27:51 ----A---- C:\Windows\system32\vbscript.dll
2015-02-12 20:27:50 ----A---- C:\Windows\system32\msrating.dll
2015-02-12 20:27:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-12 20:27:49 ----A---- C:\Windows\system32\mshtml.dll
2015-02-12 20:26:36 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-12 20:26:35 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-12 20:26:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-12 20:26:29 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\sspicli.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\secur32.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\msobjs.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\msaudite.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\lsass.exe
2015-02-12 20:26:28 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-12 20:26:28 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-12 20:26:28 ----A---- C:\Windows\system32\auditpol.exe
2015-02-12 20:26:28 ----A---- C:\Windows\system32\adtschema.dll
2015-02-12 20:26:20 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-12 20:26:20 ----A---- C:\Windows\system32\crypt32.dll
2015-02-12 20:16:52 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-12 20:16:52 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-12 20:15:48 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-02-12 20:15:48 ----A---- C:\Windows\system32\rdpcorets.dll
2015-02-12 20:12:47 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-12 20:12:47 ----A---- C:\Windows\system32\scesrv.dll
2015-02-12 20:09:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-12 20:09:56 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-12 20:09:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-12 20:09:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-12 20:09:54 ----A---- C:\Windows\system32\srcore.dll
2015-02-12 20:09:54 ----A---- C:\Windows\system32\srclient.dll
2015-02-12 20:09:54 ----A---- C:\Windows\system32\rstrui.exe
2015-02-12 20:02:10 ----A---- C:\Windows\system32\win32k.sys
2015-02-12 19:50:43 ----A---- C:\Windows\system32\aswBoot.exe
2015-02-12 00:27:45 ----A---- C:\Windows\system32\xvidvfw.dll
2015-02-12 00:27:45 ----A---- C:\Windows\system32\xvidcore.dll
2015-02-12 00:27:44 ----D---- C:\Program Files (x86)\Xvid
2015-02-12 00:27:44 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2015-02-12 00:27:44 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2015-02-11 22:43:03 ----D---- C:\Program Files (x86)\globalUpdate
2015-02-11 22:43:03 ----A---- C:\Users\lenovo\AppData\Roaming\RIVZ.exe
2015-02-11 22:43:00 ----D---- C:\Program Files (x86)\SensePlus
2015-02-11 22:41:22 ----A---- C:\Windows\system32\drivers\{baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64.sys
2015-02-11 22:34:40 ----D---- C:\Program Files (x86)\SourceApp
2015-02-11 22:34:23 ----D---- C:\Program Files\Common Files\ShopperPro
2015-02-11 22:33:44 ----D---- C:\ProgramData\ShopperPro
2015-02-11 22:33:19 ----D---- C:\Users\lenovo\AppData\Roaming\Shark007
2015-02-11 22:33:19 ----D---- C:\ProgramData\Shark007
2015-02-11 22:33:15 ----D---- C:\Program Files\Shark007
2015-02-11 22:33:15 ----A---- C:\Windows\system32\x264vfw.dll
2015-02-11 22:33:15 ----A---- C:\Windows\system32\VSFilter.dll
2015-02-11 22:33:15 ----A---- C:\Windows\system32\unrar64.dll
2015-02-11 22:33:15 ----A---- C:\Windows\system32\pthreadGC2.dll
2015-02-11 22:33:04 ----D---- C:\Program Files (x86)\ShopperPro
2015-02-11 22:32:47 ----D---- C:\Users\lenovo\AppData\Roaming\Advanced
2015-02-11 22:32:46 ----D---- C:\Program Files (x86)\YouTube Accelerator
2015-02-11 22:32:44 ----D---- C:\Program Files (x86)\Shark007
2015-02-11 22:31:30 ----D---- C:\ProgramData\Advanced
2015-02-11 09:11:05 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2015-02-11 09:11:04 ----D---- C:\Program Files (x86)\ffdshow
2015-02-11 00:19:39 ----D---- C:\Users\lenovo\AppData\Roaming\OpenCandy
2015-02-11 00:14:37 ----D---- C:\ProgramData\IHProtectUpDate
2015-02-11 00:14:36 ----D---- C:\Program Files (x86)\XTab
2015-02-11 00:12:45 ----D---- C:\Program Files (x86)\Chrome Logger
2015-02-11 00:12:18 ----D---- C:\Program Files (x86)\youtubeadblocker
2015-02-11 00:11:44 ----D---- C:\Program Files (x86)\UniDeals
2015-02-11 00:11:18 ----D---- C:\ProgramData\7003537171432903958
2015-02-11 00:11:18 ----D---- C:\Program Files (x86)\UnniDeeaalsi
2015-02-11 00:11:01 ----D---- C:\ProgramData\lmdngkgelfdjngdjbkjeijdlpkhjafld
2015-02-10 23:50:33 ----D---- C:\Users\lenovo\AppData\Roaming\ParetoLogic
2015-02-10 23:50:33 ----A---- C:\Users\lenovo\AppData\Roaming\LogFile.txt
2015-02-10 23:50:12 ----D---- C:\ProgramData\ParetoLogic
2015-02-10 23:37:24 ----A---- C:\Windows\unins000.exe
2015-02-10 23:37:24 ----A---- C:\Windows\unins000.dat
2015-02-10 23:37:24 ----A---- C:\Windows\system32\lagarith.dll
2015-02-10 23:10:44 ----D---- C:\Program Files (x86)\Evaer
2015-02-10 23:09:25 ----D---- C:\Program Files\DivX
2015-02-10 23:08:14 ----D---- C:\Program Files (x86)\DivX
2015-02-10 17:33:46 ----D---- C:\FRST
2015-02-10 17:05:07 ----D---- C:\Program Files\CCleaner
2015-02-10 16:50:12 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\wksprtPS.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\wksprt.exe
2015-02-10 16:50:10 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-10 16:50:10 ----A---- C:\Windows\system32\tsgqec.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2015-02-10 16:50:09 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-02-10 16:50:09 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-02-10 16:50:09 ----A---- C:\Windows\system32\mstsc.exe
2015-02-10 16:49:29 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2015-02-10 16:49:29 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-02-10 16:49:27 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2015-02-10 16:49:27 ----A---- C:\Windows\system32\rdpudd.dll
2015-02-10 16:49:27 ----A---- C:\Windows\system32\rdpendp_winip.dll
2015-02-10 16:48:55 ----D---- C:\Intel
2015-02-10 16:33:29 ----D---- C:\Windows\Minidump
2015-02-10 16:25:24 ----SHD---- C:\Config.Msi
2015-02-10 16:23:23 ----D---- C:\9712444a36d8c5dc92b82a5e6808cd4d
2015-02-10 15:38:34 ----D---- C:\Program Files (x86)\DVDVideoSoft
2015-02-10 14:28:05 ----RD---- C:\Program Files (x86)\Skype
2015-02-10 14:15:40 ----A---- C:\Windows\SYSWOW64\mp4demux.dll
2015-02-10 13:48:32 ----D---- C:\Users\lenovo\AppData\Roaming\Tapur
2015-02-10 13:45:05 ----D---- C:\Users\lenovo\AppData\Roaming\iFree
2015-02-10 13:11:20 ----D---- C:\Program Files (x86)\VS Revo Group
2015-02-10 11:53:55 ----D---- C:\Users\lenovo\AppData\Roaming\Evaer
2015-02-10 09:18:05 ----D---- C:\Program Files (x86)\Free Screen Recorder
2015-02-05 15:08:35 ----D---- C:\ProgramData\eSellerate
2015-02-05 15:07:12 ----D---- C:\Program Files (x86)\NewBlue
2015-02-02 09:21:06 ----D---- C:\Users\lenovo\AppData\Roaming\AVAST Software
2015-02-02 09:16:51 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-02-02 09:16:50 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-02-02 09:16:50 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-02-02 09:16:49 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-02-02 09:16:48 ----A---- C:\Windows\system32\drivers\aswmonflt.sys
2015-02-02 09:16:46 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-02-02 09:16:45 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-02-02 09:16:39 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-02-02 09:16:38 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2015-02-02 09:16:29 ----A---- C:\Windows\avastSS.scr
2015-02-02 09:16:20 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2015-02-02 09:13:49 ----D---- C:\Program Files\AVAST Software
2015-02-01 18:55:27 ----D---- C:\Spacekace
2015-01-30 17:36:16 ----D---- C:\Users\lenovo\AppData\Roaming\DVDVideoSoft
2015-01-30 16:53:24 ----D---- C:\Users\lenovo\AppData\Roaming\SkypeCap
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\mfc71u.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\dsetup.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\atl71.dll
2015-01-30 16:44:32 ----D---- C:\Users\lenovo\AppData\Roaming\GHISLER
2015-01-30 16:44:32 ----A---- C:\Windows\UC.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\RAR.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\PKZIP.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\PKUNZIP.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\LHA.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\ARJ.PIF
2015-01-30 15:18:58 ----D---- C:\Users\lenovo\AppData\Roaming\MuralPix
2015-01-30 15:18:56 ----A---- C:\Windows\LearsyShare.dat
2015-01-30 15:18:54 ----D---- C:\Program Files (x86)\MuralPix
2015-01-30 12:15:45 ----A---- C:\Windows\_MSRSTRT.EXE
2015-01-30 12:13:32 ----D---- C:\Users\lenovo\AppData\Roaming\Webshots
2015-01-30 12:13:28 ----D---- C:\Program Files (x86)\Webshots
2015-01-29 23:37:58 ----D---- C:\Users\lenovo\AppData\Roaming\MP3SkypeRecorder
2015-01-21 10:55:26 ----D---- C:\ProgramData\Nitro
2015-01-21 10:55:26 ----D---- C:\Program Files\Nitro
2015-01-21 10:55:17 ----D---- C:\Users\lenovo\AppData\Roaming\Downloaded Installations
2015-01-21 10:35:47 ----D---- C:\ProgramData\OCAD
2015-01-21 10:35:33 ----D---- C:\Users\lenovo\AppData\Roaming\OCAD
2015-01-21 10:35:22 ----D---- C:\ProgramData\InstallShield
2015-01-21 10:02:54 ----D---- C:\recup_dir.1
2015-01-20 21:50:08 ----D---- C:\Program Files\Recuva
2015-01-20 21:48:35 ----A---- C:\Windows\SYSWOW64\VB5DB.DLL
2015-01-19 13:51:05 ----D---- C:\Users\lenovo\AppData\Roaming\AMS Software
2015-01-19 12:37:01 ----D---- C:\Users\lenovo\AppData\Roaming\Windows Live Writer
2015-01-19 12:30:31 ----D---- C:\Users\lenovo\AppData\Roaming\DesktopCal
2015-01-19 12:15:41 ----D---- C:\Users\lenovo\AppData\Roaming\Student dog
2015-01-16 18:48:33 ----D---- C:\Games
2015-01-14 11:43:14 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 11:43:13 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 11:43:13 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 11:43:13 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 11:43:10 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 11:43:02 ----A---- C:\Windows\system32\srcore(77).dll

======List of files/folders modified in the last 1 month======

2015-02-13 21:33:59 ----D---- C:\Windows\Temp
2015-02-13 21:33:53 ----RD---- C:\Program Files
2015-02-13 21:30:56 ----D---- C:\Users\lenovo\AppData\Roaming\Skype
2015-02-13 21:30:43 ----D---- C:\Users\lenovo\AppData\Roaming\Dropbox
2015-02-13 21:29:56 ----D---- C:\Users\lenovo\AppData\Roaming\Copy
2015-02-13 21:29:48 ----D---- C:\Users\lenovo\AppData\Roaming\BitTorrent
2015-02-13 19:30:40 ----A---- C:\Windows\win.ini
2015-02-13 19:28:27 ----D---- C:\ProgramData\NVIDIA
2015-02-13 17:59:42 ----D---- C:\Windows\system32\config
2015-02-13 17:51:05 ----D---- C:\Windows\winsxs
2015-02-13 17:48:10 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-13 17:48:10 ----D---- C:\Windows\SysWOW64
2015-02-13 17:48:10 ----D---- C:\Windows\system32\en-US
2015-02-13 17:48:10 ----D---- C:\Windows\System32
2015-02-13 17:46:42 ----SHD---- C:\System Volume Information
2015-02-13 17:17:33 ----D---- C:\Windows\inf
2015-02-13 17:17:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-13 17:12:36 ----D---- C:\Users\lenovo\AppData\Roaming\DAEMON Tools Lite
2015-02-13 08:21:19 ----D---- C:\Windows\system32\catroot2
2015-02-12 23:36:27 ----D---- C:\Windows\system32\cs-CZ
2015-02-12 23:36:26 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-12 23:36:26 ----D---- C:\Program Files\Internet Explorer
2015-02-12 23:36:24 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-12 23:36:21 ----D---- C:\Windows\system32\drivers
2015-02-12 23:36:20 ----D---- C:\Windows\PolicyDefinitions
2015-02-12 23:28:15 ----D---- C:\Windows\system32\MRT
2015-02-12 23:28:15 ----D---- C:\Windows\debug
2015-02-12 23:28:13 ----A---- C:\Windows\system32\MRT.exe
2015-02-12 21:25:43 ----D---- C:\Windows
2015-02-12 21:09:46 ----SHD---- C:\Windows\Installer
2015-02-12 21:06:28 ----D---- C:\Program Files (x86)\Common Files
2015-02-12 21:05:23 ----D---- C:\ProgramData\Skype
2015-02-12 21:03:32 ----D---- C:\Windows\system32\Tasks
2015-02-12 21:03:25 ----D---- C:\Windows\Tasks
2015-02-12 20:20:38 ----D---- C:\Windows\system32\NDF
2015-02-12 19:52:48 ----D---- C:\Windows\system32\DriverStore
2015-02-12 19:42:39 ----D---- C:\Windows\system32\wbem
2015-02-12 19:41:52 ----D---- C:\Windows\system32\wfp
2015-02-12 19:41:52 ----D---- C:\Windows\rescache
2015-02-12 19:41:46 ----HD---- C:\Windows\system32\WLANProfiles
2015-02-12 19:41:45 ----D---- C:\Windows\system32\drivers\etc
2015-02-12 19:41:45 ----D---- C:\Windows\system32\CodeIntegrity
2015-02-12 19:41:43 ----D---- C:\Windows\AppCompat
2015-02-12 19:41:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-02-12 19:41:31 ----RD---- C:\Program Files (x86)
2015-02-12 19:41:31 ----D---- C:\Program Files (x86)\TmNationsForever
2015-02-12 19:41:30 ----D---- C:\Program Files (x86)\NFS MW 2012
2015-02-12 19:41:13 ----D---- C:\Windows\registration
2015-02-12 19:33:19 ----D---- C:\Windows\Prefetch
2015-02-12 00:37:46 ----HD---- C:\ProgramData
2015-02-11 23:41:22 ----HD---- C:\Windows\system32\GroupPolicy
2015-02-11 23:03:36 ----D---- C:\Program Files (x86)\Opera
2015-02-11 22:55:03 ----D---- C:\Users\lenovo\AppData\Roaming\Seznam.cz
2015-02-11 22:54:56 ----D---- C:\Program Files (x86)\Seznam.cz
2015-02-11 22:46:32 ----AD---- C:\ProgramData\TEMP
2015-02-11 22:34:23 ----D---- C:\Program Files\Common Files
2015-02-11 22:33:42 ----D---- C:\Program Files (x86)\Google
2015-02-11 13:27:23 ----D---- C:\Users\lenovo\AppData\Roaming\Sony
2015-02-11 08:04:13 ----D---- C:\Windows\Microsoft.NET
2015-02-11 00:47:49 ----D---- C:\Windows\system32\catroot
2015-02-11 00:36:39 ----D---- C:\Program Files\VideoLAN
2015-02-10 23:09:27 ----D---- C:\ProgramData\DivX
2015-02-10 22:55:04 ----D---- C:\ProgramData\Sony
2015-02-10 22:54:48 ----RSD---- C:\Windows\assembly
2015-02-10 22:32:53 ----D---- C:\Program Files (x86)\Ricoh
2015-02-10 22:32:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-10 19:19:17 ----D---- C:\AdwCleaner
2015-02-10 17:13:21 ----D---- C:\Windows\Panther
2015-02-10 17:13:21 ----D---- C:\Windows\ModemLogs
2015-02-10 17:13:21 ----D---- C:\Windows\Logs
2015-02-10 16:54:10 ----D---- C:\Windows\SYSWOW64\NV
2015-02-10 16:54:09 ----D---- C:\Windows\system32\NV
2015-02-10 16:50:51 ----D---- C:\Windows\SYSWOW64\wbem
2015-02-10 16:50:51 ----D---- C:\Windows\system32\drivers\en-US
2015-02-10 16:47:30 ----D---- C:\Windows\Help
2015-02-10 16:47:30 ----D---- C:\ProgramData\NVIDIA Corporation
2015-02-10 16:47:30 ----D---- C:\Program Files\NVIDIA Corporation
2015-02-10 16:47:04 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-02-10 16:28:07 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-02-10 16:21:43 ----D---- C:\Program Files (x86)\92fc8eaa-c942-4091-8675-5aa9e2a90752
2015-02-10 15:52:48 ----D---- C:\Program Files (x86)\Supertintin for Skype
2015-02-10 15:27:54 ----D---- C:\ProgramData\Package Cache
2015-02-10 15:20:09 ----D---- C:\Program Files (x86)\Java
2015-02-10 13:29:53 ----SD---- C:\ProgramData\Microsoft
2015-02-05 14:58:28 ----D---- C:\Program Files (x86)\Sony
2015-02-04 22:01:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-02 11:43:06 ----D---- C:\ProgramData\MFAData
2015-02-02 11:07:09 ----D---- C:\Program Files\Common Files\System
2015-02-02 09:13:49 ----D---- C:\ProgramData\AVAST Software
2015-01-30 15:15:07 ----D---- C:\Windows\system32\oobe
2015-01-29 22:40:00 ----D---- C:\Garmin
2015-01-27 00:22:02 ----D---- C:\Program Files (x86)\Microsoft
2015-01-21 12:01:56 ----RSD---- C:\Windows\Fonts
2015-01-15 13:29:43 ----D---- C:\Users\lenovo\AppData\Roaming\.minecraft
2015-01-15 13:29:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-15 13:28:50 ----D---- C:\Program Files (x86)\GRETECH
2015-01-15 13:28:34 ----D---- C:\ProgramData\Freemake
2015-01-15 13:28:27 ----D---- C:\Program Files (x86)\Freemake

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-02-02 449936]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-02-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-02-02 267632]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-04-19 19224]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-11-15 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-02-02 28184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-02-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-02-02 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-02-02 436624]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2013-11-15 284448]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-03-14 73136]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-02-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-02-02 87912]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-02-02 116728]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 13128]
R3 atrfiltr;ATR Filter driver service; C:\Windows\system32\DRIVERS\atrfiltr.sys [2014-09-11 16224]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-03-27 170200]
R3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator; C:\Windows\system32\DRIVERS\bpenum.sys [2012-07-03 84480]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-12-04 598808]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-05-02 184144]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-03-06 210984]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-18 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-03-06 21544]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-13 283064]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-01-11 360624]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2014-11-14 60112]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-09-03 9000256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-05 3707864]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-04-19 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-04-19 789272]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 118016]
R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0; C:\Windows\system32\DRIVERS\libusb0.sys [2011-05-17 44480]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-05-13 64624]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2013-02-05 11518976]
R3 pnetmdm;PdaNet Modem; C:\Windows\system32\DRIVERS\pnetmdm64.sys [2007-03-07 17920]
R3 RCUVCAVS;Ricoh UVC AVStream driver; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [2013-07-05 177920]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-09-26 45296]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-09-26 461040]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2011-05-25 101888]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-01-10 44640]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-04-11 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys []
S3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2014-03-31 169288]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2014-03-31 21320]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2014-03-31 188232]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2014-03-31 158024]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-04-11 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-02-02 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-02-02 104416]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2013-05-14 1008344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2012-07-18 514048]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-02-08 621296]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2015-01-05 516952]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2014-11-14 84208]
R2 IHProtect Service;IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [2015-01-16 158896]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-05-30 167736]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2013-06-24 110072]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-30 364856]
R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-29 893216]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-17 1260320]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-02-08 149744]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-28 383776]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2013-06-20 125432]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2013-06-20 125504]
R2 Update SourceApp;Update SourceApp; C:\Program Files (x86)\SourceApp\updateSourceApp.exe [2015-02-13 392944]
R2 Util SourceApp;Util SourceApp; C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe [2015-02-13 392944]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-09 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-10-01 85096]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-09-03 276288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-09 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-08-24 119408]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-02-08 273136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-10 117392]
S4 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-10 117392]
S4 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-10 117392]

-----------------EOF-----------------

Re: not a valid Win32 application

Posted: 13 Feb 2015 21:41
by lorenzo
Logfile of random's system information tool 1.10 (written by random/random)
Run by lenovo at 2015-02-13 21:33:53
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 198 GB (43%) free of 457 GB
Total RAM: 7889 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:34:05, on 13.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe
C:\Program Files (x86)\Evaer\videochannel.exe
C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\MuralPix\MpAgent.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\XTab\cmdshell.exe
C:\Program Files (x86)\XTab\HPNotify.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\SourceApp\bin\SourceApp.BrowserAdapter.exe
C:\Program Files (x86)\SourceApp\bin\SourceApp.expext.exe
C:\Program Files (x86)\Evaer\evaer.exe
C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera_crashreporter.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files\trend micro\lenovo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hppp ... TMBJT8TMBX
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hppp ... TMBJT8TMBX
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hppp ... TMBJT8TMBX
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hppp ... TMBJT8TMBX
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MediaViewV1alpha154 - {502a2550-e62d-4d21-be7f-c770de03780d} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MuralPixAgent] C:\Program Files (x86)\MuralPix\MpAgent.exe /r
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1499.0.0.0\jsdrv.exe
O4 - HKCU\..\Run: [DVSSkypeRecorder] C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe /minimized
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [avichannel] "C:\Program Files (x86)\Evaer\videochannel.exe"
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1499.0.0.0\jsdrv.exe
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\lenovo\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [Copy] "C:\Users\lenovo\AppData\Roaming\Copy\CopyAgent.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Copy] "C:\Users\lenovo\AppData\Roaming\Copy\CopyAgent.exe" (User 'Default user')
O4 - Startup: Dropbox.lnk = lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
O4 - Startup: Wallperizer.lnk = lenovo\Downloads\wallperizer\Wallperizer\Wallperizer.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{71B8ACA2-CCEF-4A83-8405-BB918C22DE1D}: NameServer = 160.218.161.60 194.228.211.33
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHProtect Service - XTab system - C:\Program Files (x86)\XTab\ProtectService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update SourceApp - Unknown owner - C:\Program Files (x86)\SourceApp\updateSourceApp.exe
O23 - Service: Util SourceApp - Unknown owner - C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16188 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-33bb2b2b-d923-470b-a944-ae1009bb0364 -SystemEventPortName:HostProcess-84537079-8d70-45cc-a658-2a73239bd554 -IoCancelEventPortName:HostProcess-2ec3461a-560a-4060-8411-4b9679f31c24 -NonStateChangingEventPortName:HostProcess-9e25420d-f17b-49c3-8d79-37a814036e3a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8d13c8f0-9261-41b3-a76f-3745a3a3e9bb -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 26067552
\??\C:\Windows\system32\conhost.exe "-16245590981634833353-19233924741289413338-954546951-1389691020904042620-2010345500
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe"
"C:\Program Files (x86)\XTab\ProtectService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe" -sSONY_MEDIAMGR
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files (x86)\SourceApp\updateSourceApp.exe"
"C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe"
"C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\alg.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\SourceApp\bin\SourceApp.PurBrowse64.exe" /l false /s false /c "SourceApp" /t "C:\Program Files (x86)\SourceApp\bin\TEMP" /i "http://apisourceappinfo-a.akamaihd.net/ ... 0000000000" /d {baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64 /p 9e5c9068-257d-4c32-8f07-4f7ddc49215a:iexplore /p a86e7991-bfa7-409e-b7ec-69c3b36cbc57:opera /h cdn.sharedaddomain.com,cdn.sharedaddomain2.com 0 10 "C:\Program Files (x86)\SourceApp\bin\bau" true
\??\C:\Windows\system32\conhost.exe "-17658718551340154670-991740015-1380774142-1754862913-1802130987-1907371764-267801584
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {D6008249-3927-4E65-B732-5ED56E97DF07}
"C:\Program Files (x86)\SensePlus\e655f337-8965-4b98-b998-ff318ca1d25b-1-6.exe" /rawdata=
"taskhost.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
taskeng.exe {077CB00F-D329-421F-A1DB-BC4144CFC6D3}
"C:\Windows\system32\Dwm.exe"
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
C:\Windows\Explorer.EXE
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe" /minimized
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Evaer\videochannel.exe"
"C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
"C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\MuralPix\MpAgent.exe" /r
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\XTab\cmdshell.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
HPNotify.exe -run
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Skype\Phone\Skype.exe"

/ie 9e5c9068-257d-4c32-8f07-4f7ddc49215a /z "n=SourceApp&is=smp1cz&dpt=20"
/ie 9e5c9068-257d-4c32-8f07-4f7ddc49215a /z "n=SourceApp&is=smp1cz&dpt=20"
/ieg 9e5c9068-257d-4c32-8f07-4f7ddc49215a /is smp1cz
"C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Evaer\evaer.exe"
"C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe"
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --ran-launcher http://www.mystartsearch.com/?type=sc&t ... TMBJT8TMBX
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --ran-launcher http://www.mystartsearch.com/?type=sc&t ... TMBJT8TMBX /crash-reporter-parent-id=8320
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=gpu-process --channel="8320.0.603868725\1970194514" --enable-proprietary-media-types-playback --crash-reporter-pid=8328 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,19,40 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2843 --enable-proprietary-media-types-playback --crash-reporter-pid=8328 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.2.679608327\1534008192" /prefetch:673131151
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.3.1767014858\258156662" /prefetch:673131151
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.4.738123513\859506625" /prefetch:673131151
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.7.1038901245\144892242" /prefetch:673131151
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.8.1735043020\697502123" /prefetch:673131151
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.9.2101744664\147531198" /prefetch:673131151
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.10.1969630939\1733340965" /prefetch:673131151
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.12.1572357075\1729725485" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_305.dll" --ppapi-flash-version=16.0.0.305 --with-feature:enhanced-autofill --crash-reporter-pid=8328 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="8320.16.90342285\834474612" /prefetch:673131151
"C:\Users\lenovo\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\e655f337-8965-4b98-b998-ff318ca1d25b-1-6.job - C:\Program Files (x86)\SensePlus\e655f337-8965-4b98-b998-ff318ca1d25b-1-6.exe /rawdata=
C:\Windows\tasks\e655f337-8965-4b98-b998-ff318ca1d25b-1-7.job - C:\Program Files (x86)\SensePlus\e655f337-8965-4b98-b998-ff318ca1d25b-1-7.exe /rawdata=
C:\Windows\tasks\e655f337-8965-4b98-b998-ff318ca1d25b-11.job - C:\Program Files (x86)\SensePlus\e655f337-8965-4b98-b998-ff318ca1d25b-11.exe /rawdata=
C:\Windows\tasks\e655f337-8965-4b98-b998-ff318ca1d25b-5.job - C:\Program Files (x86)\SensePlus\e655f337-8965-4b98-b998-ff318ca1d25b-5.exe /rawdata=
C:\Windows\tasks\e655f337-8965-4b98-b998-ff318ca1d25b-5_user.job - C:\Program Files (x86)\SensePlus\e655f337-8965-4b98-b998-ff318ca1d25b-5.exe /rawdata=
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\RIVZ.job - C:\Users\lenovo\AppData\Roaming\RIVZ.exe /infocmdline=

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b615038-e08f-4899-ae15-f5d3b7bb0dc3}]
youtubeadblocker - C:\Program Files (x86)\youtubeadblocker\8i5FNLTQAvZKqz.x64.dll [2015-02-11 703488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-02 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5eb384b-8ee4-4d50-b091-23e44b8b0835}]
UniDeals - C:\Program Files (x86)\UniDeals\4zJLL1GwaPk5A4.x64.dll [2015-02-11 703488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-12-16 725768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{502a2550-e62d-4d21-be7f-c770de03780d}]
Media View

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-05 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-02 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-05 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16 615688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PSQLLauncher"=C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [2013-03-05 86312]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-24 13662936]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-11-05 1361112]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-11-05 1361112]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-11-15 2747680]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-09-03 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-09-03 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-09-03 441152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DVSSkypeRecorder"=C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe [2015-01-28 1053352]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"avichannel"=C:\Program Files (x86)\Evaer\videochannel.exe [2015-02-03 1740776]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1499.0.0.0\jsdrv.exe [2015-02-10 3224576]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"BitTorrent"=C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe [2015-02-07 1442904]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2013-06-17 66560]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-05-30 132920]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31 508144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-04-19 291608]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2008-03-15 233472]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"MuralPixAgent"=C:\Program Files (x86)\MuralPix\MpAgent.exe [2006-12-30 102400]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-02-02 5227112]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1499.0.0.0\jsdrv.exe [2015-02-10 3224576]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
PdaNet Desktop.lnk - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
Wallperizer.lnk - C:\Users\lenovo\Downloads\wallperizer\Wallperizer\Wallperizer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-09-03 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2013-03-05 136488]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.MPG4"=MPG4c32.dll
"vidc.MP42"=MPG4c32.dll
"vidc.MP43"=MPG4c32.dll
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"VIDC.FPS1"=frapsv64.dll
"VIDC.LAGS"=lagarith.dll
"vidc.x264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-02-13 21:33:53 ----D---- C:\rsit
2015-02-13 21:33:53 ----D---- C:\Program Files\trend micro
2015-02-13 14:29:21 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-13 14:29:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-13 14:29:20 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-13 14:29:20 ----A---- C:\Windows\system32\jscript9.dll
2015-02-13 14:29:14 ----A---- C:\Windows\system32\DWrite.dll
2015-02-13 14:29:13 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-02-12 20:28:17 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-02-12 20:28:16 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-12 20:28:15 ----A---- C:\Windows\system32\mstscax.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\wdigest.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\schannel.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\kerberos.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\credssp.dll
2015-02-12 20:27:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-12 20:27:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-12 20:27:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-12 20:27:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-12 20:27:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-12 20:27:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 20:27:58 ----A---- C:\Windows\system32\iernonce.dll
2015-02-12 20:27:58 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-12 20:27:57 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-12 20:27:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-12 20:27:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-12 20:27:57 ----A---- C:\Windows\system32\urlmon.dll
2015-02-12 20:27:57 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-12 20:27:56 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 20:27:56 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-12 20:27:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 20:27:56 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-12 20:27:55 ----A---- C:\Windows\system32\iesetup.dll
2015-02-12 20:27:55 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-12 20:27:54 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-12 20:27:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-12 20:27:54 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-12 20:27:54 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-12 20:27:54 ----A---- C:\Windows\system32\iertutil.dll
2015-02-12 20:27:53 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-12 20:27:53 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-12 20:27:53 ----A---- C:\Windows\system32\ieui.dll
2015-02-12 20:27:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-12 20:27:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-12 20:27:52 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-12 20:27:52 ----A---- C:\Windows\system32\ieframe.dll
2015-02-12 20:27:51 ----A---- C:\Windows\system32\wininet.dll
2015-02-12 20:27:51 ----A---- C:\Windows\system32\vbscript.dll
2015-02-12 20:27:50 ----A---- C:\Windows\system32\msrating.dll
2015-02-12 20:27:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-12 20:27:49 ----A---- C:\Windows\system32\mshtml.dll
2015-02-12 20:26:36 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-12 20:26:35 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-12 20:26:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-12 20:26:29 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\sspicli.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\secur32.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\msobjs.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\msaudite.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\lsass.exe
2015-02-12 20:26:28 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-12 20:26:28 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-12 20:26:28 ----A---- C:\Windows\system32\auditpol.exe
2015-02-12 20:26:28 ----A---- C:\Windows\system32\adtschema.dll
2015-02-12 20:26:20 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-12 20:26:20 ----A---- C:\Windows\system32\crypt32.dll
2015-02-12 20:16:52 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-12 20:16:52 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-12 20:15:48 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-02-12 20:15:48 ----A---- C:\Windows\system32\rdpcorets.dll
2015-02-12 20:12:47 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-12 20:12:47 ----A---- C:\Windows\system32\scesrv.dll
2015-02-12 20:09:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-12 20:09:56 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-12 20:09:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-12 20:09:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-12 20:09:54 ----A---- C:\Windows\system32\srcore.dll
2015-02-12 20:09:54 ----A---- C:\Windows\system32\srclient.dll
2015-02-12 20:09:54 ----A---- C:\Windows\system32\rstrui.exe
2015-02-12 20:02:10 ----A---- C:\Windows\system32\win32k.sys
2015-02-12 19:50:43 ----A---- C:\Windows\system32\aswBoot.exe
2015-02-12 00:27:45 ----A---- C:\Windows\system32\xvidvfw.dll
2015-02-12 00:27:45 ----A---- C:\Windows\system32\xvidcore.dll
2015-02-12 00:27:44 ----D---- C:\Program Files (x86)\Xvid
2015-02-12 00:27:44 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2015-02-12 00:27:44 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2015-02-11 22:43:03 ----D---- C:\Program Files (x86)\globalUpdate
2015-02-11 22:43:03 ----A---- C:\Users\lenovo\AppData\Roaming\RIVZ.exe
2015-02-11 22:43:00 ----D---- C:\Program Files (x86)\SensePlus
2015-02-11 22:41:22 ----A---- C:\Windows\system32\drivers\{baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64.sys
2015-02-11 22:34:40 ----D---- C:\Program Files (x86)\SourceApp
2015-02-11 22:34:23 ----D---- C:\Program Files\Common Files\ShopperPro
2015-02-11 22:33:44 ----D---- C:\ProgramData\ShopperPro
2015-02-11 22:33:19 ----D---- C:\Users\lenovo\AppData\Roaming\Shark007
2015-02-11 22:33:19 ----D---- C:\ProgramData\Shark007
2015-02-11 22:33:15 ----D---- C:\Program Files\Shark007
2015-02-11 22:33:15 ----A---- C:\Windows\system32\x264vfw.dll
2015-02-11 22:33:15 ----A---- C:\Windows\system32\VSFilter.dll
2015-02-11 22:33:15 ----A---- C:\Windows\system32\unrar64.dll
2015-02-11 22:33:15 ----A---- C:\Windows\system32\pthreadGC2.dll
2015-02-11 22:33:04 ----D---- C:\Program Files (x86)\ShopperPro
2015-02-11 22:32:47 ----D---- C:\Users\lenovo\AppData\Roaming\Advanced
2015-02-11 22:32:46 ----D---- C:\Program Files (x86)\YouTube Accelerator
2015-02-11 22:32:44 ----D---- C:\Program Files (x86)\Shark007
2015-02-11 22:31:30 ----D---- C:\ProgramData\Advanced
2015-02-11 09:11:05 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2015-02-11 09:11:04 ----D---- C:\Program Files (x86)\ffdshow
2015-02-11 00:19:39 ----D---- C:\Users\lenovo\AppData\Roaming\OpenCandy
2015-02-11 00:14:37 ----D---- C:\ProgramData\IHProtectUpDate
2015-02-11 00:14:36 ----D---- C:\Program Files (x86)\XTab
2015-02-11 00:12:45 ----D---- C:\Program Files (x86)\Chrome Logger
2015-02-11 00:12:18 ----D---- C:\Program Files (x86)\youtubeadblocker
2015-02-11 00:11:44 ----D---- C:\Program Files (x86)\UniDeals
2015-02-11 00:11:18 ----D---- C:\ProgramData\7003537171432903958
2015-02-11 00:11:18 ----D---- C:\Program Files (x86)\UnniDeeaalsi
2015-02-11 00:11:01 ----D---- C:\ProgramData\lmdngkgelfdjngdjbkjeijdlpkhjafld
2015-02-10 23:50:33 ----D---- C:\Users\lenovo\AppData\Roaming\ParetoLogic
2015-02-10 23:50:33 ----A---- C:\Users\lenovo\AppData\Roaming\LogFile.txt
2015-02-10 23:50:12 ----D---- C:\ProgramData\ParetoLogic
2015-02-10 23:37:24 ----A---- C:\Windows\unins000.exe
2015-02-10 23:37:24 ----A---- C:\Windows\unins000.dat
2015-02-10 23:37:24 ----A---- C:\Windows\system32\lagarith.dll
2015-02-10 23:10:44 ----D---- C:\Program Files (x86)\Evaer
2015-02-10 23:09:25 ----D---- C:\Program Files\DivX
2015-02-10 23:08:14 ----D---- C:\Program Files (x86)\DivX
2015-02-10 17:33:46 ----D---- C:\FRST
2015-02-10 17:05:07 ----D---- C:\Program Files\CCleaner
2015-02-10 16:50:12 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\wksprtPS.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\wksprt.exe
2015-02-10 16:50:10 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-10 16:50:10 ----A---- C:\Windows\system32\tsgqec.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2015-02-10 16:50:09 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-02-10 16:50:09 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-02-10 16:50:09 ----A---- C:\Windows\system32\mstsc.exe
2015-02-10 16:49:29 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2015-02-10 16:49:29 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-02-10 16:49:27 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2015-02-10 16:49:27 ----A---- C:\Windows\system32\rdpudd.dll
2015-02-10 16:49:27 ----A---- C:\Windows\system32\rdpendp_winip.dll
2015-02-10 16:48:55 ----D---- C:\Intel
2015-02-10 16:33:29 ----D---- C:\Windows\Minidump
2015-02-10 16:25:24 ----SHD---- C:\Config.Msi
2015-02-10 16:23:23 ----D---- C:\9712444a36d8c5dc92b82a5e6808cd4d
2015-02-10 15:38:34 ----D---- C:\Program Files (x86)\DVDVideoSoft
2015-02-10 14:28:05 ----RD---- C:\Program Files (x86)\Skype
2015-02-10 14:15:40 ----A---- C:\Windows\SYSWOW64\mp4demux.dll
2015-02-10 13:48:32 ----D---- C:\Users\lenovo\AppData\Roaming\Tapur
2015-02-10 13:45:05 ----D---- C:\Users\lenovo\AppData\Roaming\iFree
2015-02-10 13:11:20 ----D---- C:\Program Files (x86)\VS Revo Group
2015-02-10 11:53:55 ----D---- C:\Users\lenovo\AppData\Roaming\Evaer
2015-02-10 09:18:05 ----D---- C:\Program Files (x86)\Free Screen Recorder
2015-02-05 15:08:35 ----D---- C:\ProgramData\eSellerate
2015-02-05 15:07:12 ----D---- C:\Program Files (x86)\NewBlue
2015-02-02 09:21:06 ----D---- C:\Users\lenovo\AppData\Roaming\AVAST Software
2015-02-02 09:16:51 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-02-02 09:16:50 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-02-02 09:16:50 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-02-02 09:16:49 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-02-02 09:16:48 ----A---- C:\Windows\system32\drivers\aswmonflt.sys
2015-02-02 09:16:46 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-02-02 09:16:45 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-02-02 09:16:39 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-02-02 09:16:38 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2015-02-02 09:16:29 ----A---- C:\Windows\avastSS.scr
2015-02-02 09:16:20 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2015-02-02 09:13:49 ----D---- C:\Program Files\AVAST Software
2015-02-01 18:55:27 ----D---- C:\Spacekace
2015-01-30 17:36:16 ----D---- C:\Users\lenovo\AppData\Roaming\DVDVideoSoft
2015-01-30 16:53:24 ----D---- C:\Users\lenovo\AppData\Roaming\SkypeCap
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\mfc71u.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\dsetup.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\atl71.dll
2015-01-30 16:44:32 ----D---- C:\Users\lenovo\AppData\Roaming\GHISLER
2015-01-30 16:44:32 ----A---- C:\Windows\UC.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\RAR.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\PKZIP.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\PKUNZIP.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\LHA.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\ARJ.PIF
2015-01-30 15:18:58 ----D---- C:\Users\lenovo\AppData\Roaming\MuralPix
2015-01-30 15:18:56 ----A---- C:\Windows\LearsyShare.dat
2015-01-30 15:18:54 ----D---- C:\Program Files (x86)\MuralPix
2015-01-30 12:15:45 ----A---- C:\Windows\_MSRSTRT.EXE
2015-01-30 12:13:32 ----D---- C:\Users\lenovo\AppData\Roaming\Webshots
2015-01-30 12:13:28 ----D---- C:\Program Files (x86)\Webshots
2015-01-29 23:37:58 ----D---- C:\Users\lenovo\AppData\Roaming\MP3SkypeRecorder
2015-01-21 10:55:26 ----D---- C:\ProgramData\Nitro
2015-01-21 10:55:26 ----D---- C:\Program Files\Nitro
2015-01-21 10:55:17 ----D---- C:\Users\lenovo\AppData\Roaming\Downloaded Installations
2015-01-21 10:35:47 ----D---- C:\ProgramData\OCAD
2015-01-21 10:35:33 ----D---- C:\Users\lenovo\AppData\Roaming\OCAD
2015-01-21 10:35:22 ----D---- C:\ProgramData\InstallShield
2015-01-21 10:02:54 ----D---- C:\recup_dir.1
2015-01-20 21:50:08 ----D---- C:\Program Files\Recuva
2015-01-20 21:48:35 ----A---- C:\Windows\SYSWOW64\VB5DB.DLL
2015-01-19 13:51:05 ----D---- C:\Users\lenovo\AppData\Roaming\AMS Software
2015-01-19 12:37:01 ----D---- C:\Users\lenovo\AppData\Roaming\Windows Live Writer
2015-01-19 12:30:31 ----D---- C:\Users\lenovo\AppData\Roaming\DesktopCal
2015-01-19 12:15:41 ----D---- C:\Users\lenovo\AppData\Roaming\Student dog
2015-01-16 18:48:33 ----D---- C:\Games
2015-01-14 11:43:14 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 11:43:13 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 11:43:13 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 11:43:13 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 11:43:10 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 11:43:02 ----A---- C:\Windows\system32\srcore(77).dll

======List of files/folders modified in the last 1 month======

2015-02-13 21:33:59 ----D---- C:\Windows\Temp
2015-02-13 21:33:53 ----RD---- C:\Program Files
2015-02-13 21:30:56 ----D---- C:\Users\lenovo\AppData\Roaming\Skype
2015-02-13 21:30:43 ----D---- C:\Users\lenovo\AppData\Roaming\Dropbox
2015-02-13 21:29:56 ----D---- C:\Users\lenovo\AppData\Roaming\Copy
2015-02-13 21:29:48 ----D---- C:\Users\lenovo\AppData\Roaming\BitTorrent
2015-02-13 19:30:40 ----A---- C:\Windows\win.ini
2015-02-13 19:28:27 ----D---- C:\ProgramData\NVIDIA
2015-02-13 17:59:42 ----D---- C:\Windows\system32\config
2015-02-13 17:51:05 ----D---- C:\Windows\winsxs
2015-02-13 17:48:10 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-13 17:48:10 ----D---- C:\Windows\SysWOW64
2015-02-13 17:48:10 ----D---- C:\Windows\system32\en-US
2015-02-13 17:48:10 ----D---- C:\Windows\System32
2015-02-13 17:46:42 ----SHD---- C:\System Volume Information
2015-02-13 17:17:33 ----D---- C:\Windows\inf
2015-02-13 17:17:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-13 17:12:36 ----D---- C:\Users\lenovo\AppData\Roaming\DAEMON Tools Lite
2015-02-13 08:21:19 ----D---- C:\Windows\system32\catroot2
2015-02-12 23:36:27 ----D---- C:\Windows\system32\cs-CZ
2015-02-12 23:36:26 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-12 23:36:26 ----D---- C:\Program Files\Internet Explorer
2015-02-12 23:36:24 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-12 23:36:21 ----D---- C:\Windows\system32\drivers
2015-02-12 23:36:20 ----D---- C:\Windows\PolicyDefinitions
2015-02-12 23:28:15 ----D---- C:\Windows\system32\MRT
2015-02-12 23:28:15 ----D---- C:\Windows\debug
2015-02-12 23:28:13 ----A---- C:\Windows\system32\MRT.exe
2015-02-12 21:25:43 ----D---- C:\Windows
2015-02-12 21:09:46 ----SHD---- C:\Windows\Installer
2015-02-12 21:06:28 ----D---- C:\Program Files (x86)\Common Files
2015-02-12 21:05:23 ----D---- C:\ProgramData\Skype
2015-02-12 21:03:32 ----D---- C:\Windows\system32\Tasks
2015-02-12 21:03:25 ----D---- C:\Windows\Tasks
2015-02-12 20:20:38 ----D---- C:\Windows\system32\NDF
2015-02-12 19:52:48 ----D---- C:\Windows\system32\DriverStore
2015-02-12 19:42:39 ----D---- C:\Windows\system32\wbem
2015-02-12 19:41:52 ----D---- C:\Windows\system32\wfp
2015-02-12 19:41:52 ----D---- C:\Windows\rescache
2015-02-12 19:41:46 ----HD---- C:\Windows\system32\WLANProfiles
2015-02-12 19:41:45 ----D---- C:\Windows\system32\drivers\etc
2015-02-12 19:41:45 ----D---- C:\Windows\system32\CodeIntegrity
2015-02-12 19:41:43 ----D---- C:\Windows\AppCompat
2015-02-12 19:41:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-02-12 19:41:31 ----RD---- C:\Program Files (x86)
2015-02-12 19:41:31 ----D---- C:\Program Files (x86)\TmNationsForever
2015-02-12 19:41:30 ----D---- C:\Program Files (x86)\NFS MW 2012
2015-02-12 19:41:13 ----D---- C:\Windows\registration
2015-02-12 19:33:19 ----D---- C:\Windows\Prefetch
2015-02-12 00:37:46 ----HD---- C:\ProgramData
2015-02-11 23:41:22 ----HD---- C:\Windows\system32\GroupPolicy
2015-02-11 23:03:36 ----D---- C:\Program Files (x86)\Opera
2015-02-11 22:55:03 ----D---- C:\Users\lenovo\AppData\Roaming\Seznam.cz
2015-02-11 22:54:56 ----D---- C:\Program Files (x86)\Seznam.cz
2015-02-11 22:46:32 ----AD---- C:\ProgramData\TEMP
2015-02-11 22:34:23 ----D---- C:\Program Files\Common Files
2015-02-11 22:33:42 ----D---- C:\Program Files (x86)\Google
2015-02-11 13:27:23 ----D---- C:\Users\lenovo\AppData\Roaming\Sony
2015-02-11 08:04:13 ----D---- C:\Windows\Microsoft.NET
2015-02-11 00:47:49 ----D---- C:\Windows\system32\catroot
2015-02-11 00:36:39 ----D---- C:\Program Files\VideoLAN
2015-02-10 23:09:27 ----D---- C:\ProgramData\DivX
2015-02-10 22:55:04 ----D---- C:\ProgramData\Sony
2015-02-10 22:54:48 ----RSD---- C:\Windows\assembly
2015-02-10 22:32:53 ----D---- C:\Program Files (x86)\Ricoh
2015-02-10 22:32:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-10 19:19:17 ----D---- C:\AdwCleaner
2015-02-10 17:13:21 ----D---- C:\Windows\Panther
2015-02-10 17:13:21 ----D---- C:\Windows\ModemLogs
2015-02-10 17:13:21 ----D---- C:\Windows\Logs
2015-02-10 16:54:10 ----D---- C:\Windows\SYSWOW64\NV
2015-02-10 16:54:09 ----D---- C:\Windows\system32\NV
2015-02-10 16:50:51 ----D---- C:\Windows\SYSWOW64\wbem
2015-02-10 16:50:51 ----D---- C:\Windows\system32\drivers\en-US
2015-02-10 16:47:30 ----D---- C:\Windows\Help
2015-02-10 16:47:30 ----D---- C:\ProgramData\NVIDIA Corporation
2015-02-10 16:47:30 ----D---- C:\Program Files\NVIDIA Corporation
2015-02-10 16:47:04 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-02-10 16:28:07 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-02-10 16:21:43 ----D---- C:\Program Files (x86)\92fc8eaa-c942-4091-8675-5aa9e2a90752
2015-02-10 15:52:48 ----D---- C:\Program Files (x86)\Supertintin for Skype
2015-02-10 15:27:54 ----D---- C:\ProgramData\Package Cache
2015-02-10 15:20:09 ----D---- C:\Program Files (x86)\Java
2015-02-10 13:29:53 ----SD---- C:\ProgramData\Microsoft
2015-02-05 14:58:28 ----D---- C:\Program Files (x86)\Sony
2015-02-04 22:01:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-02 11:43:06 ----D---- C:\ProgramData\MFAData
2015-02-02 11:07:09 ----D---- C:\Program Files\Common Files\System
2015-02-02 09:13:49 ----D---- C:\ProgramData\AVAST Software
2015-01-30 15:15:07 ----D---- C:\Windows\system32\oobe
2015-01-29 22:40:00 ----D---- C:\Garmin
2015-01-27 00:22:02 ----D---- C:\Program Files (x86)\Microsoft
2015-01-21 12:01:56 ----RSD---- C:\Windows\Fonts
2015-01-15 13:29:43 ----D---- C:\Users\lenovo\AppData\Roaming\.minecraft
2015-01-15 13:29:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-15 13:28:50 ----D---- C:\Program Files (x86)\GRETECH
2015-01-15 13:28:34 ----D---- C:\ProgramData\Freemake
2015-01-15 13:28:27 ----D---- C:\Program Files (x86)\Freemake

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-02-02 449936]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-02-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-02-02 267632]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-04-19 19224]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-11-15 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-02-02 28184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-02-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-02-02 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-02-02 436624]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2013-11-15 284448]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-03-14 73136]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-02-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-02-02 87912]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-02-02 116728]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 13128]
R3 atrfiltr;ATR Filter driver service; C:\Windows\system32\DRIVERS\atrfiltr.sys [2014-09-11 16224]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-03-27 170200]
R3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator; C:\Windows\system32\DRIVERS\bpenum.sys [2012-07-03 84480]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-12-04 598808]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-05-02 184144]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-03-06 210984]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-18 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-03-06 21544]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-13 283064]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-01-11 360624]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2014-11-14 60112]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-09-03 9000256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-05 3707864]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-04-19 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-04-19 789272]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 118016]
R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0; C:\Windows\system32\DRIVERS\libusb0.sys [2011-05-17 44480]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-05-13 64624]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2013-02-05 11518976]
R3 pnetmdm;PdaNet Modem; C:\Windows\system32\DRIVERS\pnetmdm64.sys [2007-03-07 17920]
R3 RCUVCAVS;Ricoh UVC AVStream driver; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [2013-07-05 177920]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-09-26 45296]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-09-26 461040]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2011-05-25 101888]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-01-10 44640]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-04-11 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys []
S3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2014-03-31 169288]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2014-03-31 21320]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2014-03-31 188232]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2014-03-31 158024]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-04-11 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-02-02 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-02-02 104416]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2013-05-14 1008344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2012-07-18 514048]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-02-08 621296]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2015-01-05 516952]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2014-11-14 84208]
R2 IHProtect Service;IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [2015-01-16 158896]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-05-30 167736]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2013-06-24 110072]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-30 364856]
R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-29 893216]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-17 1260320]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-02-08 149744]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-28 383776]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2013-06-20 125432]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2013-06-20 125504]
R2 Update SourceApp;Update SourceApp; C:\Program Files (x86)\SourceApp\updateSourceApp.exe [2015-02-13 392944]
R2 Util SourceApp;Util SourceApp; C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe [2015-02-13 392944]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-09 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-10-01 85096]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-09-03 276288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-09 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-08-24 119408]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-02-08 273136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-10 117392]
S4 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-10 117392]
S4 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-10 117392]

-----------------EOF-----------------

Re: not a valid Win32 application

Posted: 13 Feb 2015 22:33
by Rudy
I only need the log once. :) Now try this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: not a valid Win32 application

Posted: 13 Feb 2015 22:57
by lorenzo
# AdwCleaner v4.110 - Logfile created 13/02/2015 at 22:52:12
# Updated 05/02/2015 by Xplode
# Database : 2015-02-13.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : lenovo - LENOVO-PC
# Running from : C:\Users\lenovo\Desktop\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : IHProtect Service
[#] Service Deleted : Update SourceApp
[#] Service Deleted : Util SourceApp
Service Deleted : {baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\ProgramData\7003537171432903958
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\ShopperPro
Folder Deleted : C:\Program Files (x86)\YouTube Accelerator
Folder Deleted : C:\Program Files (x86)\SensePlus
Folder Deleted : C:\Program Files (x86)\XTab
[!] Folder Deleted : C:\Program Files (x86)\SourceApp
Folder Deleted : C:\Program Files (x86)\youtubeadblocker
[!] Folder Deleted : C:\Program Files (x86)\SourceApp
Folder Deleted : C:\Users\lenovo\AppData\Local\globalUpdate
Folder Deleted : C:\Users\lenovo\AppData\Local\CrashRpt
Folder Deleted : C:\Users\lenovo\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\lenovo\AppData\Roaming\ParetoLogic
File Deleted : C:\Windows\System32\drivers\{baa74904-cbb6-4a19-900b-b8cb1e551476}Gw64.sys
File Deleted : C:\Users\lenovo\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
File Deleted : C:\Users\lenovo\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : SPDriver
Task Deleted : e655f337-8965-4b98-b998-ff318ca1d25b-1-6
Task Deleted : e655f337-8965-4b98-b998-ff318ca1d25b-1-7
Task Deleted : e655f337-8965-4b98-b998-ff318ca1d25b-11
Task Deleted : e655f337-8965-4b98-b998-ff318ca1d25b-5
Task Deleted : e655f337-8965-4b98-b998-ff318ca1d25b-5_user

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Opera.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Shortcut Disinfected : C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SPDriver]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SPDriver]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update SourceApp
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util SourceApp
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1B74BE8-E593-4EB8-BF9E-AC2BBE4B1BEB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1B74BE8-E593-4EB8-BF9E-AC2BBE4B1BEB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\ShopperPro
Key Deleted : HKCU\Software\SourceApp
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\SensePlus
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\SourceApp
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SensePlus
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SourceApp

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v


-\\ Google Chrome v

[C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}
[C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}

-\\ Opera v27.0.1689.69

[C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}
[C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}

*************************

AdwCleaner[R0].txt - [35361 bytes] - [03/01/2015 20:47:22]
AdwCleaner[R1].txt - [12205 bytes] - [10/02/2015 19:16:46]
AdwCleaner[R2].txt - [311 bytes] - [13/02/2015 22:48:24]
AdwCleaner[R3].txt - [12896 bytes] - [13/02/2015 22:49:43]
AdwCleaner[S0].txt - [33905 bytes] - [03/01/2015 20:56:18]
AdwCleaner[S1].txt - [11448 bytes] - [10/02/2015 19:19:06]
AdwCleaner[S2].txt - [12116 bytes] - [13/02/2015 22:52:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [12176 bytes] ##########

Re: not a valid Win32 application

Posted: 14 Feb 2015 11:13
by Rudy
Please post a new RSIT log.

Re: not a valid Win32 application

Posted: 14 Feb 2015 13:18
by lorenzo
Logfile of random's system information tool 1.10 (written by random/random)
Run by lenovo at 2015-02-14 13:17:44
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 197 GB (43%) free of 457 GB
Total RAM: 7889 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:17:47, on 14.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Evaer\videochannel.exe
C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\MuralPix\MpAgent.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Evaer\evaer.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Users\lenovo\Downloads\DivXInstaller.exe
C:\Program Files\trend micro\lenovo.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MediaViewV1alpha154 - {502a2550-e62d-4d21-be7f-c770de03780d} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MuralPixAgent] C:\Program Files (x86)\MuralPix\MpAgent.exe /r
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [DVSSkypeRecorder] C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe /minimized
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [avichannel] "C:\Program Files (x86)\Evaer\videochannel.exe"
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\lenovo\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [Copy] "C:\Users\lenovo\AppData\Roaming\Copy\CopyAgent.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Copy] "C:\Users\lenovo\AppData\Roaming\Copy\CopyAgent.exe" (User 'Default user')
O4 - Startup: Dropbox.lnk = lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
O4 - Startup: Wallperizer.lnk = lenovo\Downloads\wallperizer\Wallperizer\Wallperizer.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{71B8ACA2-CCEF-4A83-8405-BB918C22DE1D}: NameServer = 160.218.161.60 194.228.211.33
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13242 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-837844bd-95ab-49d0-9c4c-edbf815e0701 -SystemEventPortName:HostProcess-c8c49194-ada3-4f82-a388-16025b3bf5fc -IoCancelEventPortName:HostProcess-2fa0af28-ec13-4de7-be66-9fb5fae1e187 -NonStateChangingEventPortName:HostProcess-5e513c76-602e-43c7-9f51-fe01d25908d1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2872d87d-c273-4043-b07a-7797c40a2825 -DeviceGroupId:
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 1853680
\??\C:\Windows\system32\conhost.exe "-14417227169624376120874753321497512821-1088498758-20070573761478661199-1697344553
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Evaer\videochannel.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
"C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe"
taskeng.exe {09E1AC97-C684-4C21-8310-E2F3B65A69FC}
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
taskeng.exe {DB7CE954-5C8D-483B-8100-47D415957D14}
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
"C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\MuralPix\MpAgent.exe" /r
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe" -sSONY_MEDIAMGR
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Evaer\evaer.exe"
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe"
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\alg.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\lenovo\Downloads\DivXInstaller.exe"

C:\Windows\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource core
"C:\Users\lenovo\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\RIVZ.job - C:\Users\lenovo\AppData\Roaming\RIVZ.exe /infocmdline=

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b615038-e08f-4899-ae15-f5d3b7bb0dc3}]
youtubeadblocker - C:\Program Files (x86)\youtubeadblocker\8i5FNLTQAvZKqz.x64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-02 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5eb384b-8ee4-4d50-b091-23e44b8b0835}]
UniDeals - C:\Program Files (x86)\UniDeals\4zJLL1GwaPk5A4.x64.dll [2015-02-11 703488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-12-16 725768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{502a2550-e62d-4d21-be7f-c770de03780d}]
Media View

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-05 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-02 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-05 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16 615688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PSQLLauncher"=C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [2013-03-05 86312]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-24 13662936]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-11-05 1361112]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-11-05 1361112]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-11-15 2747680]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-09-03 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-09-03 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-09-03 441152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DVSSkypeRecorder"=C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe [2015-01-28 1053352]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"avichannel"=C:\Program Files (x86)\Evaer\videochannel.exe [2015-02-03 1740776]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"BitTorrent"=C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe [2015-02-07 1442904]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2013-06-17 66560]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-05-30 132920]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31 508144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-04-19 291608]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2008-03-15 233472]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"MuralPixAgent"=C:\Program Files (x86)\MuralPix\MpAgent.exe [2006-12-30 102400]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-02-02 5227112]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
PdaNet Desktop.lnk - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
Wallperizer.lnk - C:\Users\lenovo\Downloads\wallperizer\Wallperizer\Wallperizer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-09-03 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2013-03-05 136488]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.MPG4"=MPG4c32.dll
"vidc.MP42"=MPG4c32.dll
"vidc.MP43"=MPG4c32.dll
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"VIDC.FPS1"=frapsv64.dll
"VIDC.LAGS"=lagarith.dll
"vidc.x264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-02-14 08:50:47 ----D---- C:\Program Files\DivX
2015-02-13 21:33:53 ----D---- C:\rsit
2015-02-13 21:33:53 ----D---- C:\Program Files\trend micro
2015-02-13 14:29:21 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-13 14:29:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-13 14:29:20 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-13 14:29:20 ----A---- C:\Windows\system32\jscript9.dll
2015-02-13 14:29:14 ----A---- C:\Windows\system32\DWrite.dll
2015-02-13 14:29:13 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-02-12 20:28:17 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-02-12 20:28:16 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-12 20:28:15 ----A---- C:\Windows\system32\mstscax.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\wdigest.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\schannel.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\kerberos.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\credssp.dll
2015-02-12 20:27:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-12 20:27:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-12 20:27:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-12 20:27:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-12 20:27:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-12 20:27:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 20:27:58 ----A---- C:\Windows\system32\iernonce.dll
2015-02-12 20:27:58 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-12 20:27:57 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-12 20:27:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-12 20:27:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-12 20:27:57 ----A---- C:\Windows\system32\urlmon.dll
2015-02-12 20:27:57 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-12 20:27:56 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 20:27:56 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-12 20:27:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 20:27:56 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-12 20:27:55 ----A---- C:\Windows\system32\iesetup.dll
2015-02-12 20:27:55 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-12 20:27:54 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-12 20:27:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-12 20:27:54 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-12 20:27:54 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-12 20:27:54 ----A---- C:\Windows\system32\iertutil.dll
2015-02-12 20:27:53 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-12 20:27:53 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-12 20:27:53 ----A---- C:\Windows\system32\ieui.dll
2015-02-12 20:27:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-12 20:27:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-12 20:27:52 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-12 20:27:52 ----A---- C:\Windows\system32\ieframe.dll
2015-02-12 20:27:51 ----A---- C:\Windows\system32\wininet.dll
2015-02-12 20:27:51 ----A---- C:\Windows\system32\vbscript.dll
2015-02-12 20:27:50 ----A---- C:\Windows\system32\msrating.dll
2015-02-12 20:27:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-12 20:27:49 ----A---- C:\Windows\system32\mshtml.dll
2015-02-12 20:26:36 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-12 20:26:35 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-12 20:26:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-12 20:26:29 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\sspicli.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\secur32.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\msobjs.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\msaudite.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\lsass.exe
2015-02-12 20:26:28 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-12 20:26:28 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-12 20:26:28 ----A---- C:\Windows\system32\auditpol.exe
2015-02-12 20:26:28 ----A---- C:\Windows\system32\adtschema.dll
2015-02-12 20:26:20 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-12 20:26:20 ----A---- C:\Windows\system32\crypt32.dll
2015-02-12 20:16:52 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-12 20:16:52 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-12 20:15:48 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-02-12 20:15:48 ----A---- C:\Windows\system32\rdpcorets.dll
2015-02-12 20:12:47 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-12 20:12:47 ----A---- C:\Windows\system32\scesrv.dll
2015-02-12 20:09:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-12 20:09:56 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-12 20:09:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-12 20:09:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-12 20:09:54 ----A---- C:\Windows\system32\srcore.dll
2015-02-12 20:09:54 ----A---- C:\Windows\system32\srclient.dll
2015-02-12 20:09:54 ----A---- C:\Windows\system32\rstrui.exe
2015-02-12 20:02:10 ----A---- C:\Windows\system32\win32k.sys
2015-02-12 19:50:43 ----A---- C:\Windows\system32\aswBoot.exe
2015-02-12 00:27:45 ----A---- C:\Windows\system32\xvidvfw.dll
2015-02-12 00:27:45 ----A---- C:\Windows\system32\xvidcore.dll
2015-02-12 00:27:44 ----D---- C:\Program Files (x86)\Xvid
2015-02-12 00:27:44 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2015-02-12 00:27:44 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2015-02-11 22:43:03 ----A---- C:\Users\lenovo\AppData\Roaming\RIVZ.exe
2015-02-11 22:34:23 ----D---- C:\Program Files\Common Files\ShopperPro
2015-02-11 22:33:19 ----D---- C:\Users\lenovo\AppData\Roaming\Shark007
2015-02-11 22:33:19 ----D---- C:\ProgramData\Shark007
2015-02-11 22:33:15 ----D---- C:\Program Files\Shark007
2015-02-11 22:33:15 ----A---- C:\Windows\system32\x264vfw.dll
2015-02-11 22:33:15 ----A---- C:\Windows\system32\VSFilter.dll
2015-02-11 22:33:15 ----A---- C:\Windows\system32\unrar64.dll
2015-02-11 22:33:15 ----A---- C:\Windows\system32\pthreadGC2.dll
2015-02-11 22:32:47 ----D---- C:\Users\lenovo\AppData\Roaming\Advanced
2015-02-11 22:32:44 ----D---- C:\Program Files (x86)\Shark007
2015-02-11 22:31:30 ----D---- C:\ProgramData\Advanced
2015-02-11 09:11:05 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2015-02-11 09:11:04 ----D---- C:\Program Files (x86)\ffdshow
2015-02-11 00:12:45 ----D---- C:\Program Files (x86)\Chrome Logger
2015-02-11 00:11:44 ----D---- C:\Program Files (x86)\UniDeals
2015-02-11 00:11:18 ----D---- C:\Program Files (x86)\UnniDeeaalsi
2015-02-11 00:11:01 ----D---- C:\ProgramData\lmdngkgelfdjngdjbkjeijdlpkhjafld
2015-02-10 23:50:33 ----A---- C:\Users\lenovo\AppData\Roaming\LogFile.txt
2015-02-10 23:37:24 ----A---- C:\Windows\unins000.exe
2015-02-10 23:37:24 ----A---- C:\Windows\unins000.dat
2015-02-10 23:37:24 ----A---- C:\Windows\system32\lagarith.dll
2015-02-10 23:10:44 ----D---- C:\Program Files (x86)\Evaer
2015-02-10 23:08:14 ----D---- C:\Program Files (x86)\DivX
2015-02-10 17:33:46 ----D---- C:\FRST
2015-02-10 17:05:07 ----D---- C:\Program Files\CCleaner
2015-02-10 16:50:12 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\wksprtPS.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\wksprt.exe
2015-02-10 16:50:10 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-10 16:50:10 ----A---- C:\Windows\system32\tsgqec.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2015-02-10 16:50:09 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-02-10 16:50:09 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-02-10 16:50:09 ----A---- C:\Windows\system32\mstsc.exe
2015-02-10 16:49:29 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2015-02-10 16:49:29 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-02-10 16:49:27 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2015-02-10 16:49:27 ----A---- C:\Windows\system32\rdpudd.dll
2015-02-10 16:49:27 ----A---- C:\Windows\system32\rdpendp_winip.dll
2015-02-10 16:48:55 ----D---- C:\Intel
2015-02-10 16:33:29 ----D---- C:\Windows\Minidump
2015-02-10 16:25:24 ----SHD---- C:\Config.Msi
2015-02-10 16:23:23 ----D---- C:\9712444a36d8c5dc92b82a5e6808cd4d
2015-02-10 15:38:34 ----D---- C:\Program Files (x86)\DVDVideoSoft
2015-02-10 14:28:05 ----RD---- C:\Program Files (x86)\Skype
2015-02-10 14:15:40 ----A---- C:\Windows\SYSWOW64\mp4demux.dll
2015-02-10 13:48:32 ----D---- C:\Users\lenovo\AppData\Roaming\Tapur
2015-02-10 13:45:05 ----D---- C:\Users\lenovo\AppData\Roaming\iFree
2015-02-10 13:11:20 ----D---- C:\Program Files (x86)\VS Revo Group
2015-02-10 11:53:55 ----D---- C:\Users\lenovo\AppData\Roaming\Evaer
2015-02-10 09:18:05 ----D---- C:\Program Files (x86)\Free Screen Recorder
2015-02-05 15:08:35 ----D---- C:\ProgramData\eSellerate
2015-02-05 15:07:12 ----D---- C:\Program Files (x86)\NewBlue
2015-02-02 09:21:06 ----D---- C:\Users\lenovo\AppData\Roaming\AVAST Software
2015-02-02 09:16:51 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-02-02 09:16:50 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-02-02 09:16:50 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-02-02 09:16:49 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-02-02 09:16:48 ----A---- C:\Windows\system32\drivers\aswmonflt.sys
2015-02-02 09:16:46 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-02-02 09:16:45 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-02-02 09:16:39 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-02-02 09:16:38 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2015-02-02 09:16:29 ----A---- C:\Windows\avastSS.scr
2015-02-02 09:16:20 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2015-02-02 09:13:49 ----D---- C:\Program Files\AVAST Software
2015-02-01 18:55:27 ----D---- C:\Spacekace
2015-01-30 17:36:16 ----D---- C:\Users\lenovo\AppData\Roaming\DVDVideoSoft
2015-01-30 16:53:24 ----D---- C:\Users\lenovo\AppData\Roaming\SkypeCap
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\mfc71u.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\dsetup.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\atl71.dll
2015-01-30 16:44:32 ----D---- C:\Users\lenovo\AppData\Roaming\GHISLER
2015-01-30 16:44:32 ----A---- C:\Windows\UC.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\RAR.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\PKZIP.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\PKUNZIP.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\LHA.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\ARJ.PIF
2015-01-30 15:18:58 ----D---- C:\Users\lenovo\AppData\Roaming\MuralPix
2015-01-30 15:18:56 ----A---- C:\Windows\LearsyShare.dat
2015-01-30 15:18:54 ----D---- C:\Program Files (x86)\MuralPix
2015-01-30 12:15:45 ----A---- C:\Windows\_MSRSTRT.EXE
2015-01-30 12:13:32 ----D---- C:\Users\lenovo\AppData\Roaming\Webshots
2015-01-30 12:13:28 ----D---- C:\Program Files (x86)\Webshots
2015-01-29 23:37:58 ----D---- C:\Users\lenovo\AppData\Roaming\MP3SkypeRecorder
2015-01-21 10:55:26 ----D---- C:\ProgramData\Nitro
2015-01-21 10:55:26 ----D---- C:\Program Files\Nitro
2015-01-21 10:55:17 ----D---- C:\Users\lenovo\AppData\Roaming\Downloaded Installations
2015-01-21 10:35:47 ----D---- C:\ProgramData\OCAD
2015-01-21 10:35:33 ----D---- C:\Users\lenovo\AppData\Roaming\OCAD
2015-01-21 10:35:22 ----D---- C:\ProgramData\InstallShield
2015-01-21 10:02:54 ----D---- C:\recup_dir.1
2015-01-20 21:50:08 ----D---- C:\Program Files\Recuva
2015-01-20 21:48:35 ----A---- C:\Windows\SYSWOW64\VB5DB.DLL
2015-01-19 13:51:05 ----D---- C:\Users\lenovo\AppData\Roaming\AMS Software
2015-01-19 12:37:01 ----D---- C:\Users\lenovo\AppData\Roaming\Windows Live Writer
2015-01-19 12:30:31 ----D---- C:\Users\lenovo\AppData\Roaming\DesktopCal
2015-01-19 12:15:41 ----D---- C:\Users\lenovo\AppData\Roaming\Student dog
2015-01-16 18:48:33 ----D---- C:\Games

======List of files/folders modified in the last 1 month======

2015-02-14 13:17:45 ----D---- C:\Windows\Temp
2015-02-14 13:17:40 ----D---- C:\Users\lenovo\AppData\Roaming\Skype
2015-02-14 13:15:42 ----D---- C:\Users\lenovo\AppData\Roaming\BitTorrent
2015-02-14 08:52:55 ----D---- C:\ProgramData\DivX
2015-02-14 08:50:47 ----RD---- C:\Program Files
2015-02-14 08:50:39 ----SHD---- C:\Windows\Installer
2015-02-13 23:11:23 ----D---- C:\Windows\system32\config
2015-02-13 22:57:54 ----D---- C:\Users\lenovo\AppData\Roaming\Dropbox
2015-02-13 22:55:10 ----D---- C:\Users\lenovo\AppData\Roaming\Copy
2015-02-13 22:53:20 ----D---- C:\ProgramData\NVIDIA
2015-02-13 22:53:04 ----RD---- C:\Program Files (x86)
2015-02-13 22:53:04 ----D---- C:\Windows
2015-02-13 22:52:27 ----D---- C:\AdwCleaner
2015-02-13 22:52:25 ----D---- C:\Windows\Tasks
2015-02-13 22:52:24 ----D---- C:\Windows\system32\Tasks
2015-02-13 22:52:20 ----D---- C:\Windows\system32\drivers
2015-02-13 22:52:18 ----A---- C:\Windows\win.ini
2015-02-13 22:52:15 ----HD---- C:\ProgramData
2015-02-13 17:51:05 ----D---- C:\Windows\winsxs
2015-02-13 17:48:10 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-13 17:48:10 ----D---- C:\Windows\SysWOW64
2015-02-13 17:48:10 ----D---- C:\Windows\system32\en-US
2015-02-13 17:48:10 ----D---- C:\Windows\System32
2015-02-13 17:46:42 ----SHD---- C:\System Volume Information
2015-02-13 17:17:33 ----D---- C:\Windows\inf
2015-02-13 17:17:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-13 17:12:36 ----D---- C:\Users\lenovo\AppData\Roaming\DAEMON Tools Lite
2015-02-13 08:21:19 ----D---- C:\Windows\system32\catroot2
2015-02-12 23:36:27 ----D---- C:\Windows\system32\cs-CZ
2015-02-12 23:36:26 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-12 23:36:26 ----D---- C:\Program Files\Internet Explorer
2015-02-12 23:36:24 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-12 23:36:20 ----D---- C:\Windows\PolicyDefinitions
2015-02-12 23:32:46 ----D---- C:\Windows\system32\MRT
2015-02-12 23:28:15 ----D---- C:\Windows\debug
2015-02-12 23:28:13 ----A---- C:\Windows\system32\MRT.exe
2015-02-12 21:06:28 ----D---- C:\Program Files (x86)\Common Files
2015-02-12 21:05:23 ----D---- C:\ProgramData\Skype
2015-02-12 20:20:38 ----D---- C:\Windows\system32\NDF
2015-02-12 19:52:48 ----D---- C:\Windows\system32\DriverStore
2015-02-12 19:42:39 ----D---- C:\Windows\system32\wbem
2015-02-12 19:41:52 ----D---- C:\Windows\system32\wfp
2015-02-12 19:41:52 ----D---- C:\Windows\rescache
2015-02-12 19:41:46 ----HD---- C:\Windows\system32\WLANProfiles
2015-02-12 19:41:45 ----D---- C:\Windows\system32\drivers\etc
2015-02-12 19:41:45 ----D---- C:\Windows\system32\CodeIntegrity
2015-02-12 19:41:43 ----D---- C:\Windows\AppCompat
2015-02-12 19:41:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-02-12 19:41:31 ----D---- C:\Program Files (x86)\TmNationsForever
2015-02-12 19:41:30 ----D---- C:\Program Files (x86)\NFS MW 2012
2015-02-12 19:41:13 ----D---- C:\Windows\registration
2015-02-12 19:33:19 ----D---- C:\Windows\Prefetch
2015-02-11 23:41:22 ----HD---- C:\Windows\system32\GroupPolicy
2015-02-11 23:03:36 ----D---- C:\Program Files (x86)\Opera
2015-02-11 22:55:03 ----D---- C:\Users\lenovo\AppData\Roaming\Seznam.cz
2015-02-11 22:54:56 ----D---- C:\Program Files (x86)\Seznam.cz
2015-02-11 22:46:32 ----AD---- C:\ProgramData\TEMP
2015-02-11 22:34:23 ----D---- C:\Program Files\Common Files
2015-02-11 22:33:42 ----D---- C:\Program Files (x86)\Google
2015-02-11 13:27:23 ----D---- C:\Users\lenovo\AppData\Roaming\Sony
2015-02-11 08:04:13 ----D---- C:\Windows\Microsoft.NET
2015-02-11 00:47:49 ----D---- C:\Windows\system32\catroot
2015-02-11 00:36:39 ----D---- C:\Program Files\VideoLAN
2015-02-10 22:55:04 ----D---- C:\ProgramData\Sony
2015-02-10 22:54:48 ----RSD---- C:\Windows\assembly
2015-02-10 22:32:53 ----D---- C:\Program Files (x86)\Ricoh
2015-02-10 22:32:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-10 17:13:21 ----D---- C:\Windows\Panther
2015-02-10 17:13:21 ----D---- C:\Windows\ModemLogs
2015-02-10 17:13:21 ----D---- C:\Windows\Logs
2015-02-10 16:54:10 ----D---- C:\Windows\SYSWOW64\NV
2015-02-10 16:54:09 ----D---- C:\Windows\system32\NV
2015-02-10 16:50:51 ----D---- C:\Windows\SYSWOW64\wbem
2015-02-10 16:50:51 ----D---- C:\Windows\system32\drivers\en-US
2015-02-10 16:47:30 ----D---- C:\Windows\Help
2015-02-10 16:47:30 ----D---- C:\ProgramData\NVIDIA Corporation
2015-02-10 16:47:30 ----D---- C:\Program Files\NVIDIA Corporation
2015-02-10 16:47:04 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-02-10 16:28:07 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-02-10 16:21:43 ----D---- C:\Program Files (x86)\92fc8eaa-c942-4091-8675-5aa9e2a90752
2015-02-10 15:52:48 ----D---- C:\Program Files (x86)\Supertintin for Skype
2015-02-10 15:27:54 ----D---- C:\ProgramData\Package Cache
2015-02-10 15:20:09 ----D---- C:\Program Files (x86)\Java
2015-02-10 13:29:53 ----SD---- C:\ProgramData\Microsoft
2015-02-05 14:58:28 ----D---- C:\Program Files (x86)\Sony
2015-02-04 22:01:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-02 11:43:06 ----D---- C:\ProgramData\MFAData
2015-02-02 11:07:09 ----D---- C:\Program Files\Common Files\System
2015-02-02 09:13:49 ----D---- C:\ProgramData\AVAST Software
2015-01-30 15:15:07 ----D---- C:\Windows\system32\oobe
2015-01-29 22:40:00 ----D---- C:\Garmin
2015-01-27 00:22:02 ----D---- C:\Program Files (x86)\Microsoft
2015-01-21 12:01:56 ----RSD---- C:\Windows\Fonts
2015-01-15 13:29:43 ----D---- C:\Users\lenovo\AppData\Roaming\.minecraft
2015-01-15 13:29:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-15 13:28:50 ----D---- C:\Program Files (x86)\GRETECH
2015-01-15 13:28:34 ----D---- C:\ProgramData\Freemake
2015-01-15 13:28:27 ----D---- C:\Program Files (x86)\Freemake

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-02-02 449936]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-02-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-02-02 267632]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-04-19 19224]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-11-15 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-02-02 28184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-02-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-02-02 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-02-02 436624]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2013-11-15 284448]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-03-14 73136]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-02-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-02-02 87912]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-02-02 116728]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 13128]
R3 atrfiltr;ATR Filter driver service; C:\Windows\system32\DRIVERS\atrfiltr.sys [2014-09-11 16224]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-03-27 170200]
R3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator; C:\Windows\system32\DRIVERS\bpenum.sys [2012-07-03 84480]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-12-04 598808]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-05-02 184144]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-03-06 210984]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-18 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-03-06 21544]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-13 283064]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-01-11 360624]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2014-11-14 60112]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-09-03 9000256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-05 3707864]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-04-19 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-04-19 789272]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 118016]
R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0; C:\Windows\system32\DRIVERS\libusb0.sys [2011-05-17 44480]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-05-13 64624]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2013-02-05 11518976]
R3 pnetmdm;PdaNet Modem; C:\Windows\system32\DRIVERS\pnetmdm64.sys [2007-03-07 17920]
R3 RCUVCAVS;Ricoh UVC AVStream driver; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [2013-07-05 177920]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-09-26 45296]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-09-26 461040]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2011-05-25 101888]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-01-10 44640]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-04-11 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys []
S3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2014-03-31 169288]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2014-03-31 21320]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2014-03-31 188232]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2014-03-31 158024]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-04-11 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-02-02 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-02-02 104416]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2013-05-14 1008344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2012-07-18 514048]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-02-08 621296]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2014-11-14 84208]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-05-30 167736]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2013-06-24 110072]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-30 364856]
R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-29 893216]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-17 1260320]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-02-08 149744]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-28 383776]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2013-06-20 125432]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2013-06-20 125504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2015-01-05 516952]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-09 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-10-01 85096]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-09-03 276288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-09 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-08-24 119408]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-02-08 273136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-14 1255736]
S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-10 117392]
S4 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-10 117392]
S4 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-10 117392]

-----------------EOF-----------------

Re: not a valid Win32 application

Posted: 14 Feb 2015 15:44
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\RIVZ.job
C:\Users\lenovo\AppData\Roaming\RIVZ.exe
C:\Program Files (x86)\youtubeadblocker
C:\Program Files (x86)\UniDeals
C:\Program Files\Common Files\ShopperPro
C:\Program Files (x86)\UnniDeeaalsi
C:\ProgramData\lmdngkgelfdjngdjbkjeijdlpkhjafld

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b615038-e08f-4899-ae15-f5d3b7bb0dc3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5eb384b-8ee4-4d50-b091-23e44b8b0835}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{502a2550-e62d-4d21-be7f-c770de03780d}]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.

Re: not a valid Win32 application

Posted: 14 Feb 2015 16:03
by lorenzo
Logfile of random's system information tool 1.10 (written by random/random)
Run by lenovo at 2015-02-14 16:02:10
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 197 GB (43%) free of 457 GB
Total RAM: 7889 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:02:22, on 14.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Evaer\videochannel.exe
C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\MuralPix\MpAgent.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Evaer\evaer.exe
C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files\trend micro\lenovo.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MuralPixAgent] C:\Program Files (x86)\MuralPix\MpAgent.exe /r
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [DVSSkypeRecorder] C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe /minimized
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [avichannel] "C:\Program Files (x86)\Evaer\videochannel.exe"
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\lenovo\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-647300427-843129867-1045821917-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [Copy] "C:\Users\lenovo\AppData\Roaming\Copy\CopyAgent.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Copy] "C:\Users\lenovo\AppData\Roaming\Copy\CopyAgent.exe" (User 'Default user')
O4 - Startup: Dropbox.lnk = lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
O4 - Startup: Wallperizer.lnk = lenovo\Downloads\wallperizer\Wallperizer\Wallperizer.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{71B8ACA2-CCEF-4A83-8405-BB918C22DE1D}: NameServer = 160.218.161.60 194.228.211.33
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13113 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4d233251-854e-42aa-bce5-82530de304aa -SystemEventPortName:HostProcess-015553f7-457d-495a-9fbf-be48eb24bf4c -IoCancelEventPortName:HostProcess-e1658859-b26d-4d2d-947e-ce5f3438346d -NonStateChangingEventPortName:HostProcess-3c48e3f4-1b2c-4a92-ab92-f2b75cd3c534 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6b899ef6-ecc8-4721-ab31-116841369c67 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 23702384
\??\C:\Windows\system32\conhost.exe "20279432191925264077-1621296862909569786-2082400831660509651-7837664731287587953
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe"
"taskhost.exe"
taskeng.exe {54B3C7B9-A332-4401-8B55-6D106AEE91A0}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {6F24E2FB-6E17-41CA-9299-6DFADD80A424}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe" -sSONY_MEDIAMGR
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe"
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\System32\hkcmd.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Windows\System32\igfxpers.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Evaer\videochannel.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
C:\Windows\System32\alg.exe
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\MuralPix\MpAgent.exe" /r
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe"
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Evaer\evaer.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Users\lenovo\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
taskhost.exe $(Arg0)
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b615038-e08f-4899-ae15-f5d3b7bb0dc3}]
youtubeadblocker - C:\Program Files (x86)\youtubeadblocker\8i5FNLTQAvZKqz.x64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-02 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5eb384b-8ee4-4d50-b091-23e44b8b0835}]
UniDeals - C:\Program Files (x86)\UniDeals\4zJLL1GwaPk5A4.x64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-12-16 725768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-05 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-02 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-05 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16 615688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PSQLLauncher"=C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [2013-03-05 86312]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-24 13662936]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-11-05 1361112]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-11-05 1361112]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-11-15 2747680]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-09-03 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-09-03 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-09-03 441152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DVSSkypeRecorder"=C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe [2015-01-28 1053352]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"avichannel"=C:\Program Files (x86)\Evaer\videochannel.exe [2015-02-03 1740776]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"BitTorrent"=C:\Users\lenovo\AppData\Roaming\BitTorrent\BitTorrent.exe [2015-02-07 1442904]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2013-06-17 66560]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-05-30 132920]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31 508144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-04-19 291608]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2008-03-15 233472]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"MuralPixAgent"=C:\Program Files (x86)\MuralPix\MpAgent.exe [2006-12-30 102400]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-02-02 5227112]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
PdaNet Desktop.lnk - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
Wallperizer.lnk - C:\Users\lenovo\Downloads\wallperizer\Wallperizer\Wallperizer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-09-03 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2013-03-05 136488]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.MPG4"=MPG4c32.dll
"vidc.MP42"=MPG4c32.dll
"vidc.MP43"=MPG4c32.dll
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"VIDC.FPS1"=frapsv64.dll
"VIDC.LAGS"=lagarith.dll
"vidc.x264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-02-14 15:48:23 ----D---- C:\_OTM
2015-02-14 08:50:47 ----D---- C:\Program Files\DivX
2015-02-13 21:33:53 ----D---- C:\rsit
2015-02-13 21:33:53 ----D---- C:\Program Files\trend micro
2015-02-13 14:29:21 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-13 14:29:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-13 14:29:20 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-13 14:29:20 ----A---- C:\Windows\system32\jscript9.dll
2015-02-13 14:29:14 ----A---- C:\Windows\system32\DWrite.dll
2015-02-13 14:29:13 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-02-12 20:28:17 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-02-12 20:28:16 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-12 20:28:15 ----A---- C:\Windows\system32\mstscax.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-12 20:28:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\wdigest.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\schannel.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\kerberos.dll
2015-02-12 20:28:11 ----A---- C:\Windows\system32\credssp.dll
2015-02-12 20:27:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-12 20:27:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-12 20:27:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-12 20:27:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-12 20:27:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-12 20:27:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-12 20:27:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 20:27:58 ----A---- C:\Windows\system32\iernonce.dll
2015-02-12 20:27:58 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-12 20:27:57 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-12 20:27:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-12 20:27:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-12 20:27:57 ----A---- C:\Windows\system32\urlmon.dll
2015-02-12 20:27:57 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-12 20:27:56 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-12 20:27:56 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 20:27:56 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-12 20:27:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 20:27:56 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-12 20:27:55 ----A---- C:\Windows\system32\iesetup.dll
2015-02-12 20:27:55 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-12 20:27:54 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-12 20:27:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-12 20:27:54 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-12 20:27:54 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-12 20:27:54 ----A---- C:\Windows\system32\iertutil.dll
2015-02-12 20:27:53 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-12 20:27:53 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-12 20:27:53 ----A---- C:\Windows\system32\ieui.dll
2015-02-12 20:27:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-12 20:27:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-12 20:27:52 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-12 20:27:52 ----A---- C:\Windows\system32\ieframe.dll
2015-02-12 20:27:51 ----A---- C:\Windows\system32\wininet.dll
2015-02-12 20:27:51 ----A---- C:\Windows\system32\vbscript.dll
2015-02-12 20:27:50 ----A---- C:\Windows\system32\msrating.dll
2015-02-12 20:27:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-12 20:27:49 ----A---- C:\Windows\system32\mshtml.dll
2015-02-12 20:26:36 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-12 20:26:35 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-12 20:26:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-12 20:26:29 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-12 20:26:28 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\sspicli.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\secur32.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\msobjs.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\msaudite.dll
2015-02-12 20:26:28 ----A---- C:\Windows\system32\lsass.exe
2015-02-12 20:26:28 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-12 20:26:28 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-12 20:26:28 ----A---- C:\Windows\system32\auditpol.exe
2015-02-12 20:26:28 ----A---- C:\Windows\system32\adtschema.dll
2015-02-12 20:26:20 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-12 20:26:20 ----A---- C:\Windows\system32\crypt32.dll
2015-02-12 20:16:52 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-12 20:16:52 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-12 20:15:48 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-02-12 20:15:48 ----A---- C:\Windows\system32\rdpcorets.dll
2015-02-12 20:12:47 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-12 20:12:47 ----A---- C:\Windows\system32\scesrv.dll
2015-02-12 20:09:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-12 20:09:56 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-12 20:09:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-12 20:09:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-12 20:09:54 ----A---- C:\Windows\system32\srcore.dll
2015-02-12 20:09:54 ----A---- C:\Windows\system32\srclient.dll
2015-02-12 20:09:54 ----A---- C:\Windows\system32\rstrui.exe
2015-02-12 20:02:10 ----A---- C:\Windows\system32\win32k.sys
2015-02-12 19:50:43 ----A---- C:\Windows\system32\aswBoot.exe
2015-02-12 00:27:45 ----A---- C:\Windows\system32\xvidvfw.dll
2015-02-12 00:27:45 ----A---- C:\Windows\system32\xvidcore.dll
2015-02-12 00:27:44 ----D---- C:\Program Files (x86)\Xvid
2015-02-12 00:27:44 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2015-02-12 00:27:44 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2015-02-11 22:33:19 ----D---- C:\Users\lenovo\AppData\Roaming\Shark007
2015-02-11 22:33:19 ----D---- C:\ProgramData\Shark007
2015-02-11 22:33:15 ----D---- C:\Program Files\Shark007
2015-02-11 22:33:15 ----A---- C:\Windows\system32\x264vfw.dll
2015-02-11 22:33:15 ----A---- C:\Windows\system32\VSFilter.dll
2015-02-11 22:33:15 ----A---- C:\Windows\system32\unrar64.dll
2015-02-11 22:33:15 ----A---- C:\Windows\system32\pthreadGC2.dll
2015-02-11 22:32:47 ----D---- C:\Users\lenovo\AppData\Roaming\Advanced
2015-02-11 22:32:44 ----D---- C:\Program Files (x86)\Shark007
2015-02-11 22:31:30 ----D---- C:\ProgramData\Advanced
2015-02-11 09:11:05 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2015-02-11 09:11:04 ----D---- C:\Program Files (x86)\ffdshow
2015-02-11 00:12:45 ----D---- C:\Program Files (x86)\Chrome Logger
2015-02-10 23:50:33 ----A---- C:\Users\lenovo\AppData\Roaming\LogFile.txt
2015-02-10 23:37:24 ----A---- C:\Windows\unins000.exe
2015-02-10 23:37:24 ----A---- C:\Windows\unins000.dat
2015-02-10 23:37:24 ----A---- C:\Windows\system32\lagarith.dll
2015-02-10 23:10:44 ----D---- C:\Program Files (x86)\Evaer
2015-02-10 23:08:14 ----D---- C:\Program Files (x86)\DivX
2015-02-10 17:33:46 ----D---- C:\FRST
2015-02-10 17:05:07 ----D---- C:\Program Files\CCleaner
2015-02-10 16:50:12 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-02-10 16:50:10 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\wksprtPS.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\wksprt.exe
2015-02-10 16:50:10 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-10 16:50:10 ----A---- C:\Windows\system32\tsgqec.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2015-02-10 16:50:10 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2015-02-10 16:50:09 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-02-10 16:50:09 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-02-10 16:50:09 ----A---- C:\Windows\system32\mstsc.exe
2015-02-10 16:49:29 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2015-02-10 16:49:29 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-02-10 16:49:27 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2015-02-10 16:49:27 ----A---- C:\Windows\system32\rdpudd.dll
2015-02-10 16:49:27 ----A---- C:\Windows\system32\rdpendp_winip.dll
2015-02-10 16:48:55 ----D---- C:\Intel
2015-02-10 16:33:29 ----D---- C:\Windows\Minidump
2015-02-10 16:25:24 ----SHD---- C:\Config.Msi
2015-02-10 16:23:23 ----D---- C:\9712444a36d8c5dc92b82a5e6808cd4d
2015-02-10 15:38:34 ----D---- C:\Program Files (x86)\DVDVideoSoft
2015-02-10 14:28:05 ----RD---- C:\Program Files (x86)\Skype
2015-02-10 14:15:40 ----A---- C:\Windows\SYSWOW64\mp4demux.dll
2015-02-10 13:48:32 ----D---- C:\Users\lenovo\AppData\Roaming\Tapur
2015-02-10 13:45:05 ----D---- C:\Users\lenovo\AppData\Roaming\iFree
2015-02-10 13:11:20 ----D---- C:\Program Files (x86)\VS Revo Group
2015-02-10 11:53:55 ----D---- C:\Users\lenovo\AppData\Roaming\Evaer
2015-02-10 09:18:05 ----D---- C:\Program Files (x86)\Free Screen Recorder
2015-02-05 15:08:35 ----D---- C:\ProgramData\eSellerate
2015-02-05 15:07:12 ----D---- C:\Program Files (x86)\NewBlue
2015-02-02 09:21:06 ----D---- C:\Users\lenovo\AppData\Roaming\AVAST Software
2015-02-02 09:16:51 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-02-02 09:16:50 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-02-02 09:16:50 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-02-02 09:16:49 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-02-02 09:16:48 ----A---- C:\Windows\system32\drivers\aswmonflt.sys
2015-02-02 09:16:46 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-02-02 09:16:45 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-02-02 09:16:39 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-02-02 09:16:38 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2015-02-02 09:16:29 ----A---- C:\Windows\avastSS.scr
2015-02-02 09:16:20 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2015-02-02 09:13:49 ----D---- C:\Program Files\AVAST Software
2015-02-01 18:55:27 ----D---- C:\Spacekace
2015-01-30 17:36:16 ----D---- C:\Users\lenovo\AppData\Roaming\DVDVideoSoft
2015-01-30 16:53:24 ----D---- C:\Users\lenovo\AppData\Roaming\SkypeCap
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\mfc71u.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\dsetup.dll
2015-01-30 16:53:04 ----A---- C:\Windows\SYSWOW64\atl71.dll
2015-01-30 16:44:32 ----D---- C:\Users\lenovo\AppData\Roaming\GHISLER
2015-01-30 16:44:32 ----A---- C:\Windows\UC.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\RAR.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\PKZIP.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\PKUNZIP.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\LHA.PIF
2015-01-30 16:44:32 ----A---- C:\Windows\ARJ.PIF
2015-01-30 15:18:58 ----D---- C:\Users\lenovo\AppData\Roaming\MuralPix
2015-01-30 15:18:56 ----A---- C:\Windows\LearsyShare.dat
2015-01-30 15:18:54 ----D---- C:\Program Files (x86)\MuralPix
2015-01-30 12:15:45 ----A---- C:\Windows\_MSRSTRT.EXE
2015-01-30 12:13:32 ----D---- C:\Users\lenovo\AppData\Roaming\Webshots
2015-01-30 12:13:28 ----D---- C:\Program Files (x86)\Webshots
2015-01-29 23:37:58 ----D---- C:\Users\lenovo\AppData\Roaming\MP3SkypeRecorder
2015-01-21 10:55:26 ----D---- C:\ProgramData\Nitro
2015-01-21 10:55:26 ----D---- C:\Program Files\Nitro
2015-01-21 10:55:17 ----D---- C:\Users\lenovo\AppData\Roaming\Downloaded Installations
2015-01-21 10:35:47 ----D---- C:\ProgramData\OCAD
2015-01-21 10:35:33 ----D---- C:\Users\lenovo\AppData\Roaming\OCAD
2015-01-21 10:35:22 ----D---- C:\ProgramData\InstallShield
2015-01-21 10:02:54 ----D---- C:\recup_dir.1
2015-01-20 21:50:08 ----D---- C:\Program Files\Recuva
2015-01-20 21:48:35 ----A---- C:\Windows\SYSWOW64\VB5DB.DLL
2015-01-19 13:51:05 ----D---- C:\Users\lenovo\AppData\Roaming\AMS Software
2015-01-19 12:37:01 ----D---- C:\Users\lenovo\AppData\Roaming\Windows Live Writer
2015-01-19 12:30:31 ----D---- C:\Users\lenovo\AppData\Roaming\DesktopCal
2015-01-19 12:15:41 ----D---- C:\Users\lenovo\AppData\Roaming\Student dog
2015-01-16 18:48:33 ----D---- C:\Games

======List of files/folders modified in the last 1 month======

2015-02-14 16:02:10 ----D---- C:\Users\lenovo\AppData\Roaming\Skype
2015-02-14 16:01:13 ----D---- C:\Users\lenovo\AppData\Roaming\Dropbox
2015-02-14 15:59:59 ----D---- C:\Users\lenovo\AppData\Roaming\BitTorrent
2015-02-14 15:59:43 ----D---- C:\Users\lenovo\AppData\Roaming\Copy
2015-02-14 15:58:48 ----D---- C:\Windows\Temp
2015-02-14 15:57:49 ----D---- C:\ProgramData\NVIDIA
2015-02-14 15:49:14 ----D---- C:\Windows\system32\config
2015-02-14 15:48:47 ----D---- C:\Windows
2015-02-14 15:48:25 ----RD---- C:\Program Files (x86)
2015-02-14 15:48:25 ----HD---- C:\ProgramData
2015-02-14 15:48:25 ----D---- C:\Windows\Tasks
2015-02-14 15:48:25 ----D---- C:\Program Files\Common Files
2015-02-14 13:24:58 ----D---- C:\Windows\system32\DriverStore
2015-02-14 13:24:58 ----D---- C:\Windows\inf
2015-02-14 08:52:55 ----D---- C:\ProgramData\DivX
2015-02-14 08:50:47 ----RD---- C:\Program Files
2015-02-14 08:50:39 ----SHD---- C:\Windows\Installer
2015-02-13 22:52:27 ----D---- C:\AdwCleaner
2015-02-13 22:52:24 ----D---- C:\Windows\system32\Tasks
2015-02-13 22:52:20 ----D---- C:\Windows\system32\drivers
2015-02-13 22:52:18 ----A---- C:\Windows\win.ini
2015-02-13 17:51:05 ----D---- C:\Windows\winsxs
2015-02-13 17:48:10 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-13 17:48:10 ----D---- C:\Windows\SysWOW64
2015-02-13 17:48:10 ----D---- C:\Windows\system32\en-US
2015-02-13 17:48:10 ----D---- C:\Windows\System32
2015-02-13 17:46:42 ----SHD---- C:\System Volume Information
2015-02-13 17:17:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-13 17:12:36 ----D---- C:\Users\lenovo\AppData\Roaming\DAEMON Tools Lite
2015-02-13 08:21:19 ----D---- C:\Windows\system32\catroot2
2015-02-12 23:36:27 ----D---- C:\Windows\system32\cs-CZ
2015-02-12 23:36:26 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-12 23:36:26 ----D---- C:\Program Files\Internet Explorer
2015-02-12 23:36:24 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-12 23:36:20 ----D---- C:\Windows\PolicyDefinitions
2015-02-12 23:32:46 ----D---- C:\Windows\system32\MRT
2015-02-12 23:28:15 ----D---- C:\Windows\debug
2015-02-12 23:28:13 ----A---- C:\Windows\system32\MRT.exe
2015-02-12 21:06:28 ----D---- C:\Program Files (x86)\Common Files
2015-02-12 21:05:23 ----D---- C:\ProgramData\Skype
2015-02-12 20:20:38 ----D---- C:\Windows\system32\NDF
2015-02-12 19:42:39 ----D---- C:\Windows\system32\wbem
2015-02-12 19:41:52 ----D---- C:\Windows\system32\wfp
2015-02-12 19:41:52 ----D---- C:\Windows\rescache
2015-02-12 19:41:46 ----HD---- C:\Windows\system32\WLANProfiles
2015-02-12 19:41:45 ----D---- C:\Windows\system32\drivers\etc
2015-02-12 19:41:45 ----D---- C:\Windows\system32\CodeIntegrity
2015-02-12 19:41:43 ----D---- C:\Windows\AppCompat
2015-02-12 19:41:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-02-12 19:41:31 ----D---- C:\Program Files (x86)\TmNationsForever
2015-02-12 19:41:30 ----D---- C:\Program Files (x86)\NFS MW 2012
2015-02-12 19:41:13 ----D---- C:\Windows\registration
2015-02-12 19:33:19 ----D---- C:\Windows\Prefetch
2015-02-11 23:41:22 ----HD---- C:\Windows\system32\GroupPolicy
2015-02-11 23:03:36 ----D---- C:\Program Files (x86)\Opera
2015-02-11 22:55:03 ----D---- C:\Users\lenovo\AppData\Roaming\Seznam.cz
2015-02-11 22:54:56 ----D---- C:\Program Files (x86)\Seznam.cz
2015-02-11 22:46:32 ----AD---- C:\ProgramData\TEMP
2015-02-11 22:33:42 ----D---- C:\Program Files (x86)\Google
2015-02-11 13:27:23 ----D---- C:\Users\lenovo\AppData\Roaming\Sony
2015-02-11 08:04:13 ----D---- C:\Windows\Microsoft.NET
2015-02-11 00:47:49 ----D---- C:\Windows\system32\catroot
2015-02-11 00:36:39 ----D---- C:\Program Files\VideoLAN
2015-02-10 22:55:04 ----D---- C:\ProgramData\Sony
2015-02-10 22:54:48 ----RSD---- C:\Windows\assembly
2015-02-10 22:32:53 ----D---- C:\Program Files (x86)\Ricoh
2015-02-10 22:32:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-10 17:13:21 ----D---- C:\Windows\Panther
2015-02-10 17:13:21 ----D---- C:\Windows\ModemLogs
2015-02-10 17:13:21 ----D---- C:\Windows\Logs
2015-02-10 16:54:10 ----D---- C:\Windows\SYSWOW64\NV
2015-02-10 16:54:09 ----D---- C:\Windows\system32\NV
2015-02-10 16:50:51 ----D---- C:\Windows\SYSWOW64\wbem
2015-02-10 16:50:51 ----D---- C:\Windows\system32\drivers\en-US
2015-02-10 16:47:30 ----D---- C:\Windows\Help
2015-02-10 16:47:30 ----D---- C:\ProgramData\NVIDIA Corporation
2015-02-10 16:47:30 ----D---- C:\Program Files\NVIDIA Corporation
2015-02-10 16:47:04 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-02-10 16:28:07 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-02-10 16:21:43 ----D---- C:\Program Files (x86)\92fc8eaa-c942-4091-8675-5aa9e2a90752
2015-02-10 15:52:48 ----D---- C:\Program Files (x86)\Supertintin for Skype
2015-02-10 15:27:54 ----D---- C:\ProgramData\Package Cache
2015-02-10 15:20:09 ----D---- C:\Program Files (x86)\Java
2015-02-10 13:29:53 ----SD---- C:\ProgramData\Microsoft
2015-02-05 14:58:28 ----D---- C:\Program Files (x86)\Sony
2015-02-04 22:01:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-02 11:43:06 ----D---- C:\ProgramData\MFAData
2015-02-02 11:07:09 ----D---- C:\Program Files\Common Files\System
2015-02-02 09:13:49 ----D---- C:\ProgramData\AVAST Software
2015-01-30 15:15:07 ----D---- C:\Windows\system32\oobe
2015-01-29 22:40:00 ----D---- C:\Garmin
2015-01-27 00:22:02 ----D---- C:\Program Files (x86)\Microsoft
2015-01-21 12:01:56 ----RSD---- C:\Windows\Fonts
2015-01-15 13:29:43 ----D---- C:\Users\lenovo\AppData\Roaming\.minecraft
2015-01-15 13:29:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-15 13:28:50 ----D---- C:\Program Files (x86)\GRETECH
2015-01-15 13:28:34 ----D---- C:\ProgramData\Freemake
2015-01-15 13:28:27 ----D---- C:\Program Files (x86)\Freemake

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-02-02 449936]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-02-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-02-02 267632]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-04-19 19224]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-11-15 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-02-02 28184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-02-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-02-02 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-02-02 436624]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2013-11-15 284448]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-03-14 73136]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-02-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-02-02 87912]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-02-02 116728]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 13128]
R3 atrfiltr;ATR Filter driver service; C:\Windows\system32\DRIVERS\atrfiltr.sys [2014-09-11 16224]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-03-27 170200]
R3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator; C:\Windows\system32\DRIVERS\bpenum.sys [2012-07-03 84480]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-12-04 598808]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-05-02 184144]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-03-06 210984]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-18 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-03-06 21544]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-13 283064]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-01-11 360624]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2014-11-14 60112]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-09-03 9000256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-05 3707864]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-04-19 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-04-19 789272]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 118016]
R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0; C:\Windows\system32\DRIVERS\libusb0.sys [2011-05-17 44480]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-05-13 64624]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2013-02-05 11518976]
R3 pnetmdm;PdaNet Modem; C:\Windows\system32\DRIVERS\pnetmdm64.sys [2007-03-07 17920]
R3 RCUVCAVS;Ricoh UVC AVStream driver; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [2013-07-05 177920]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-09-26 45296]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-09-26 461040]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2011-05-25 101888]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-01-10 44640]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-04-11 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys []
S3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2014-03-31 169288]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2014-03-31 21320]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2014-03-31 188232]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2014-03-31 158024]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-04-11 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-02-02 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-02-02 104416]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2013-05-14 1008344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2012-07-18 514048]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-02-08 621296]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2015-01-05 516952]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2014-11-14 84208]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-05-30 167736]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2013-06-24 110072]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-30 364856]
R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-29 893216]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-17 1260320]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-02-08 149744]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-28 383776]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2013-06-20 125432]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2013-06-20 125504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-09 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-10-01 85096]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-09-03 276288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-09 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-08-24 119408]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-02-08 273136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-14 1255736]
S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-10 117392]
S4 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-10 117392]
S4 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-10 117392]

-----------------EOF-----------------

Re: not a valid Win32 application

Posted: 14 Feb 2015 17:53
by Rudy
Double-click the file C:\Program Files\trend micro\lenovo.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkbox on the left for:
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

Re: not a valid Win32 application

Posted: 14 Feb 2015 18:08
by lorenzo
Is that all??

Re: not a valid Win32 application

Posted: 14 Feb 2015 18:10
by Rudy
If there has been a change for the better, yes.

Re: not a valid Win32 application

Posted: 14 Feb 2015 18:11
by lorenzo
I still can't run it, so there hasn't been :(

Re: not a valid Win32 application

Posted: 14 Feb 2015 18:50
by Rudy
Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after launch, a screen with the license terms is displayed; continue by clicking the Yes button.

Go and make yourself a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to launch any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because the scan and the removal of any malware cause unwanted conflicts with the antispyware's resident component.