VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Chyba bitové kopie, chyba nouzového režimu a spustění system

https://forum.viry.cz:443/viewtopic.php?t=143759

Stránka 1 z 3

Chyba bitové kopie, chyba nouzového režimu a spustění system

Napsal: 31 bře 2015 21:56
od vanicda1
Ahoj mám potíze s počítačem, při zapnutí mi vyskakují okna - chyba bitové kopie, pricemz mi nelze otevřít ani nekteré soubory z panelu nástorju jako odinstalovat program, zabezpeční počítace a do nouzového režimu se mi také nedaří dostat takze ani obnova systemu není možná. Mohli byste mi prosim pomoci. děkuji moc
tady je log z RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by vanicda1 at 2015-03-31 22:55:19
Microsoft Windows 8.1
System drive C: has 405 GB (72%) free of 561 GB
Total RAM: 16296 MB (84% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:24, on 31. 3. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
C:\Program Files\trend micro\vanicda1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe" /platui /runkey
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
O4 - HKCU\..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LsvUIService - Lenovo - C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McNeel Update Service 5.0 (McNeelUpdate) - Robert McNeel & Associates - C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit (mi-raysat_3dsmax2012_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TESHelper - Lenovo - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 12238 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
"C:\windows\system32\nvvsvc.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\Elantech\ETDService.exe"
dashost.exe {0875336e-0c0d-4689-813ed24fdad24337}
"C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe"
"C:\windows\system32\mfevtps.exe"
"C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe" -Embedding
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-072f02f8-e78e-4631-b214-86b8ea0890d5 -SystemEventPortName:HostProcess-538af5cb-b8db-41e6-8021-5bda18a6a3b5 -IoCancelEventPortName:HostProcess-431fdc1c-aebe-4c27-b997-b25ab396d1f2 -NonStateChangingEventPortName:HostProcess-a7c4b9be-3cff-46fd-98da-5c17ab3e4aca -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:83003d8f-c4ba-46d2-8a66-f2f4d459a3bc -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
C:\WINDOWS\Explorer.EXE
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe" -start
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe" /AutoRun
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files\Common Files\mcafee\platform\McUICnt.exe" /platui /runkey
"C:\Users\vanicda1\AppData\Local\Pokki\Engine\StartMenuIndexer.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5032 CREDAT:267521 /prefetch:2
C:\Windows\System32\skydrive.exe -Embedding

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5032 CREDAT:529899 /prefetch:2
adb fork-server server
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe" -run
"C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe" --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d
"C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe" --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d
"C:\Users\vanicda1\Downloads\RSITx64 (1).exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-01-21 1179576]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2014-01-21 6340312]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-03-12 3276104]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24 13667032]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-05 1379544]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-05 1379544]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-05 1379544]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-09-15 4196432]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-06-19 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-06-19 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-06-19 10841584]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 415680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=C:\Users\vanicda1\AppData\Local\Pokki\Engine\Launcher.dll [2014-03-29 1892632]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2015-01-28 688984]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-03-13 7451928]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"mcpltui_exe"=C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe [2014-09-17 643064]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2015-01-19 126712]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"=C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2015-03-17 54072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-03-31 22:55:20 ----D---- C:\Program Files\trend micro
2015-03-31 22:52:02 ----A---- C:\WINDOWS\system32\drivers\xgjkf.sys
2015-03-31 20:49:05 ----D---- C:\Program Files\CCleaner
2015-03-30 16:16:21 ----D---- C:\WINDOWS\Minidump
2015-03-19 17:33:44 ----D---- C:\Users\vanicda1\AppData\Roaming\McNeel
2015-03-19 17:30:35 ----D---- C:\ProgramData\McNeel
2015-03-19 17:30:21 ----D---- C:\Program Files (x86)\McNeelUpdate
2015-03-19 17:30:13 ----D---- C:\Program Files\Rhinoceros 5.0 (64-bit)
2015-03-18 23:12:44 ----D---- C:\Users\vanicda1\AppData\Roaming\Garmin
2015-03-18 23:12:10 ----D---- C:\ProgramData\Garmin
2015-03-18 23:12:04 ----D---- C:\Program Files (x86)\Garmin
2015-03-16 17:21:38 ----D---- C:\Users\vanicda1\AppData\Roaming\SketchUp
2015-03-16 17:18:14 ----D---- C:\ProgramData\SketchUp
2015-03-16 17:18:14 ----D---- C:\Program Files (x86)\SketchUp
2015-03-12 09:49:08 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-03-12 09:49:07 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-03-12 09:49:07 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-03-12 09:49:03 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2015-03-12 09:49:03 ----A---- C:\WINDOWS\system32\winshfhc.dll
2015-03-12 09:48:23 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\fsquirt.exe
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\rfcomm.sys
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\hidbth.sys
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\bthport.sys
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\bthenum.sys
2015-03-12 09:48:21 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-03-12 09:48:21 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\SYSWOW64\mfc42u.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\SYSWOW64\mfc42.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\SYSWOW64\atlthunk.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\system32\mfc42u.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\system32\mfc42.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\system32\atlthunk.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\system32\WSShared.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-12 09:48:07 ----A---- C:\WINDOWS\system32\WSReset.exe
2015-03-12 09:48:07 ----A---- C:\WINDOWS\system32\WSCollect.exe
2015-03-12 09:47:09 ----A---- C:\WINDOWS\SYSWOW64\StorageContextHandler.dll
2015-03-12 09:47:09 ----A---- C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-12 09:47:08 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-03-12 09:47:08 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2015-03-12 09:47:08 ----A---- C:\WINDOWS\system32\authui.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eappprxy.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\system32\eappprxy.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\system32\eapphost.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\system32\eappgnui.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\system32\eappcfg.dll
2015-03-12 09:47:06 ----A---- C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-12 09:47:05 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2015-03-12 09:47:05 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2015-03-12 09:46:36 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2015-03-12 09:46:36 ----A---- C:\WINDOWS\system32\SHCore.dll
2015-03-12 09:46:33 ----A---- C:\WINDOWS\SYSWOW64\photowiz.dll
2015-03-12 09:46:33 ----A---- C:\WINDOWS\system32\photowiz.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\prnntfy.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\printui.exe
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\findnetprinters.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\compstui.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\win32spl.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\puiapi.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\prnntfy.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\localspl.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\findnetprinters.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\compstui.dll
2015-03-12 09:46:30 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2015-03-12 09:46:30 ----A---- C:\WINDOWS\system32\printui.exe
2015-03-12 09:46:30 ----A---- C:\WINDOWS\explorer.exe
2015-03-12 09:46:29 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-03-12 09:46:29 ----A---- C:\WINDOWS\SYSWOW64\calc.exe
2015-03-12 09:46:29 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-03-12 09:46:29 ----A---- C:\WINDOWS\system32\calc.exe
2015-03-12 09:45:07 ----A---- C:\WINDOWS\system32\win32k.sys
2015-03-12 09:45:07 ----A---- C:\WINDOWS\system32\schannel.dll
2015-03-12 09:45:06 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-03-12 09:45:03 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2015-03-12 09:45:03 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-03-12 09:45:03 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\lpk.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\fontsub.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\dciman32.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-03-12 09:45:01 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-03-12 09:45:01 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\ubpm.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\rdpudd.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2015-03-12 09:43:22 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-03-12 09:43:21 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-03-12 09:43:20 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-03-12 09:43:19 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-03-12 09:43:19 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-03-12 09:43:17 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-03-12 09:43:16 ----A---- C:\WINDOWS\system32\wininet.dll
2015-03-12 09:43:15 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-03-12 09:43:15 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-03-12 09:43:15 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-03-12 09:43:13 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-03-12 09:43:13 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-03-12 09:43:13 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-03-12 09:43:13 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\system32\jscript.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-03-12 09:42:52 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2015-03-12 09:42:52 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-12 09:42:51 ----A---- C:\WINDOWS\system32\shell32.dll
2015-03-12 09:42:50 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-03-12 09:42:26 ----A---- C:\WINDOWS\SYSWOW64\WMPhoto.dll
2015-03-12 09:42:26 ----A---- C:\WINDOWS\system32\WMPhoto.dll
2015-03-12 09:41:33 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2015-03-12 09:41:33 ----A---- C:\WINDOWS\system32\msctf.dll
2015-03-07 23:56:19 ----D---- C:\Users\vanicda1\AppData\Roaming\Maxthon3
2015-03-05 23:05:38 ----D---- C:\Users\vanicda1\AppData\Roaming\BSplayer PRO
2015-03-05 23:05:38 ----D---- C:\Program Files (x86)\Webteh
2015-03-01 17:09:23 ----D---- C:\Users\vanicda1\AppData\Roaming\NVIDIA

======List of files/folders modified in the last 1 month======

2015-03-31 22:55:21 ----D---- C:\WINDOWS\Temp
2015-03-31 22:55:20 ----RD---- C:\Program Files
2015-03-31 22:52:02 ----D---- C:\WINDOWS\system32\drivers
2015-03-31 22:33:24 ----D---- C:\WINDOWS\Inf
2015-03-31 22:33:24 ----AD---- C:\WINDOWS\System32
2015-03-31 22:33:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-31 22:30:28 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-31 22:30:16 ----D---- C:\WINDOWS\Prefetch
2015-03-31 22:00:02 ----D---- C:\WINDOWS\system32\sru
2015-03-31 21:43:11 ----D---- C:\WINDOWS\system32\wbem
2015-03-31 21:34:02 ----HD---- C:\ProgramData
2015-03-31 21:34:02 ----AD---- C:\Windows
2015-03-31 21:32:58 ----D---- C:\ProgramData\Avira
2015-03-31 21:16:22 ----D---- C:\Program Files (x86)\McAfee
2015-03-31 21:05:27 ----D---- C:\WINDOWS\SoftwareDistribution
2015-03-31 20:58:30 ----D---- C:\Program Files (x86)\Google
2015-03-31 20:58:29 ----D---- C:\WINDOWS\Tasks
2015-03-31 20:58:26 ----SHD---- C:\WINDOWS\Installer
2015-03-31 20:53:50 ----D---- C:\Users\vanicda1\AppData\Roaming\uTorrent
2015-03-31 20:53:26 ----DC---- C:\WINDOWS\Panther
2015-03-31 20:53:26 ----D---- C:\WINDOWS\Logs
2015-03-31 20:53:26 ----D---- C:\WINDOWS\debug
2015-03-31 20:49:14 ----D---- C:\WINDOWS\system32\Tasks
2015-03-30 16:36:57 ----SHD---- C:\System Volume Information
2015-03-30 16:02:29 ----D---- C:\WINDOWS\Microsoft.NET
2015-03-30 10:37:48 ----D---- C:\WINDOWS\AppReadiness
2015-03-26 15:08:44 ----D---- C:\WINDOWS\system32\config
2015-03-19 17:31:05 ----D---- C:\WINDOWS\WinSxS
2015-03-19 17:30:38 ----RSD---- C:\WINDOWS\assembly
2015-03-19 17:30:21 ----RD---- C:\Program Files (x86)
2015-03-19 17:30:13 ----D---- C:\Program Files (x86)\Common Files
2015-03-19 11:32:48 ----D---- C:\WINDOWS\system32\catroot
2015-03-18 23:12:34 ----D---- C:\WINDOWS\system32\DriverStore
2015-03-18 23:12:33 ----D---- C:\Program Files\DIFX
2015-03-18 23:11:52 ----D---- C:\ProgramData\Package Cache
2015-03-16 17:18:48 ----D---- C:\WINDOWS\SysWOW64
2015-03-15 15:14:36 ----D---- C:\WINDOWS\rescache
2015-03-15 14:03:36 ----HD---- C:\Program Files\WindowsApps
2015-03-13 15:39:57 ----D---- C:\Program Files\Internet Explorer
2015-03-13 15:39:57 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-13 15:39:55 ----RD---- C:\WINDOWS\ToastData
2015-03-13 15:39:52 ----D---- C:\Program Files\Windows Defender
2015-03-13 15:39:51 ----D---- C:\Program Files (x86)\Windows Defender
2015-03-13 15:39:49 ----D---- C:\WINDOWS\SYSWOW64\en-US
2015-03-13 15:39:49 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-03-13 15:39:49 ----D---- C:\WINDOWS\system32\en-US
2015-03-13 15:39:49 ----D---- C:\WINDOWS\system32\cs-CZ
2015-03-13 15:39:44 ----D---- C:\WINDOWS\WinStore
2015-03-12 10:55:24 ----D---- C:\WINDOWS\CbsTemp
2015-03-12 10:54:02 ----D---- C:\WINDOWS\system32\MRT
2015-03-12 10:50:11 ----A---- C:\WINDOWS\system32\MRT.exe
2015-03-04 23:24:42 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-03-02 15:57:30 ----D---- C:\WINDOWS\system32\LogFiles
2015-03-02 11:50:29 ----D---- C:\ProgramData\Adobe
2015-03-01 17:10:01 ----D---- C:\Users\vanicda1\AppData\Roaming\Adobe
2015-03-01 16:54:22 ----D---- C:\ProgramData\regid.1986-12.com.adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2014-10-01 786304]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\WINDOWS\system32\drivers\mfewfpk.sys [2014-10-01 348560]
R3 ACPIVPC;@oem41.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-06-19 35576]
R3 AthBTPort;@oem17.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-12-24 89800]
R3 athr;@oem40.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-11-13 3880448]
R3 BTATH_A2DP;@oem16.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-12-24 338120]
R3 btath_avdt;@oem16.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-12-24 116424]
R3 BTATH_BUS;@oem14.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-12-24 34384]
R3 BTATH_HCRP;@oem19.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-12-24 179432]
R3 BTATH_LWFLT;@oem21.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-12-24 77464]
R3 BTATH_RCP;@oem23.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-12-24 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2013-12-24 597192]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [2014-10-01 72136]
R3 ETD;@oem37.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2014-03-12 401160]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2014-03-11 24904]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-04-16 3785216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-03-11 3891800]
R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MEIx64;@oem5.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2014-10-01 181584]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2014-10-01 313680]
R3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [2014-10-01 526360]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [2014-09-19 447440]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-01-24 12661536]
R3 nvvad_WaveExtensible;@oem11.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem12.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 RTSPER;@oem13.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-10-24 444632]
R3 rtsuvc;@oem27.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2014-01-21 9105624]
S0 dlgvc;dlgvc; C:\WINDOWS\System32\drivers\xgjkf.sys [2015-03-31 79064]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\WINDOWS\system32\drivers\mfeelamk.sys [2014-10-01 70608]
S1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys []
S1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys []
S2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2013-09-23 197704]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-04-16 450520]
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-03-17 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-03-17 64216]
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2014-09-19 96600]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-12-24 318592]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-01-19 182520]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-15 101680]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2015-01-28 517464]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-04-16 296432]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-06-19 198192]
R2 LsvUIService;LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [2014-06-19 70416]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-02-13 1851192]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2015-01-13 562200]
R2 mccspsvc;McAfee CSP Service; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [2014-11-21 422632]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 McNeelUpdate;McNeel Update Service 5.0; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2012-10-25 67752]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-11-06 1050952]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-10-01 221832]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\windows\system32\mfevtps.exe [2014-10-01 189920]
R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-01-24 922912]
R2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-02-26 512776]
R2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-02-26 167176]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-06-19 288240]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2014-06-19 68880]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-16 131544]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-04-16 279024]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-02-26 1432400]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [2013-07-30 334608]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2015-01-07 601864]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-06-19 308720]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TESHelper;TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [2014-06-19 104696]
S4 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]

-----------------EOF-----------------

Re: Chyba bitové kopie, chyba nouzového režimu a spustění sy

Napsal: 01 dub 2015 08:36
od Márty84
Zdravim :)

Jaky pouzivate antivir? Vidim tam McAfee, ale i Aviru.

Pokud je naboreny system, mozna bude nutna jeho oprava pomoci instalacniho media.


:arrow: Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.


:arrow: Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Re: Chyba bitové kopie, chyba nouzového režimu a spustění sy

Napsal: 01 dub 2015 20:48
od vanicda1
Ahoj,
antivir pouzivam aviru mcafee sem tam mela nainstalovano uz když sem to kupovala ale jen zkusebni verzi od te doby mi tam jen nabiha at si koupim plnou verzi jenze ja sem místo toho nainstalovala aviru...a mcafee mi nesel odinstalovat.

tak tady posilam log z Adw Cleaner

# AdwCleaner v4.110 - Logfile created 12/02/2015 at 22:59:52
# Updated 05/02/2015 by Xplode
# Database : 2015-02-12.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : vanicda1 - DADYNA
# Running from : C:\Users\vanicda1\Downloads\adwcleaner_4.110.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\WINDOWS\System32\roboot64.exe
Folder Found : C:\ProgramData\apn
Folder Found : C:\Users\vanicda1\AppData\Local\FileViewPro
Folder Found : C:\Users\vanicda1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjcmnpnoopgilmnfhloocdcbnimmmea
Folder Found : C:\Users\vanicda1\AppData\LocalLow\BS_Player_ControlBar_B
Folder Found : C:\Users\vanicda1\AppData\LocalLow\Tbccint
Folder Found : C:\Users\vanicda1\AppData\Roaming\Solvusoft

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****

# AdwCleaner v4.200 - Log vytvooen 01/04/2015 v 21:41:05
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Windows 8.1 (x64)
# Uživatelské jméno : vanicda1 - DADYNA
# Spuštino z : C:\Users\vanicda1\Desktop\adwcleaner_4.200.exe
# Nastavení : Sken

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Nalezeno : C:\Users\vanicda1\AppData\LocalLow\Tbccint

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Klíe Nalezeno : HKCU\Software\Classes\pokki
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Klíe Nalezeno : HKCU\Software\Pokki
Klíe Nalezeno : [x64] HKCU\Software\Conduit
Klíe Nalezeno : [x64] HKCU\Software\Pokki

***** [ Prohlížeee ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [1922 bytu] - [12/02/2015 23:59:52]
AdwCleaner[R1].txt - [881 bytu] - [13/02/2015 00:17:09]
AdwCleaner[R2].txt - [757 bytu] - [13/02/2015 01:13:28]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2094 bytu] ##########

Re: Chyba bitové kopie, chyba nouzového režimu a spustění sy

Napsal: 02 dub 2015 03:59
od Márty84
:arrow: Ten log z ADWCleaneru je po skenu. Musite pak jeste kliknout na Clean, aby ty nalezy odstranil.

:arrow: Uvidime, co najde MBAM :)

:arrow: Na McAfee pak pouzijte jejich odinstalator http://download.mcafee.com/products/lic ... s/MCPR.exe , ale to az po kontrole logu z MBAM.

Re: Chyba bitové kopie, chyba nouzového režimu a spustění sy

Napsal: 03 dub 2015 18:03
od vanicda1
Tak zasilam log z adwcleanru pro vyčistení a ten druhy program mi prestane pracovat dve hodiny pracuje a pak to nahlasi chybu zkusim to ještě pro každý disk zvlast :D


# AdwCleaner v4.200 - Log vytvooen 03/04/2015 v 18:59:17
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Windows 8.1 (x64)
# Uživatelské jméno : vanicda1 - DADYNA
# Spuštino z : C:\Users\vanicda1\Desktop\adwcleaner_4.200.exe
# Nastavení : Eištiní

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Users\vanicda1\AppData\LocalLow\Tbccint

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíe Smazáno : HKCU\Software\Classes\pokki
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Klíe Smazáno : HKCU\Software\Conduit
Klíe Smazáno : HKCU\Software\Pokki
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

***** [ Prohlížeee ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [2180 bytu] - [12/02/2015 23:59:52]
AdwCleaner[R1].txt - [2181 bytu] - [13/02/2015 00:17:09]
AdwCleaner[R2].txt - [757 bytu] - [13/02/2015 01:13:28]
AdwCleaner[S0].txt - [1131 bytu] - [03/04/2015 18:59:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1189 bytu] ##########

Re: Chyba bitové kopie, chyba nouzového režimu a spustění sy

Napsal: 03 dub 2015 18:06
od Márty84
Kdyby to neslo, zkuste starsi verzi....


:arrow: Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (musite stahnout verzi 1.75, odmitnout upgrade na novejsi verzi a aktualizovat jen virovou databazi) a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222

Re: Chyba bitové kopie, chyba nouzového režimu a spustění sy

Napsal: 03 dub 2015 21:14
od vanicda1
tak hura podaril se mi vygenerovat log :)

tu je:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.04.04.07

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.17690
vanicda1 :: DADYNA [administrátor]

Ochrana: Zakázána

3. 4. 2015 20:17:44
MBAM-log-2015-04-03 (22-11-10).txt

Typ: Kompletní kontrola (C:\|D:\|S:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 638793
Uplynulý čas: 1 hodin, 51 minut, 4 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 3
C:\Windows\WinSxS\x86_microsoft-windows-atl_31bf3856ad364e35_6.3.9600.16384_none_3fc0044d754c0225\atl.dll (Trojan.FakeMS) -> Nebyla provedena žádná instrukce.
C:\Windows\WinSxS\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.3.9600.16384_none_01428598f4095f36\iccvid.dll (Trojan.FakeAlert) -> Nebyla provedena žádná instrukce.
S:\škola\Downloads\adobe-indesign-cs5-premium-v7-0\Adobe InDesign CS5 Premium v7.0\Your Software Here\Keygen\keygen.exe (Malware.Packer.Gen) -> Nebyla provedena žádná instrukce.

(konec)

Re: Chyba bitové kopie, chyba nouzového režimu a spustění sy

Napsal: 03 dub 2015 21:33
od Márty84
:arrow: Nalezy hodte do karanteny, pak muzete MBAM odinstalovat.

:arrow: Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)

Re: Chyba bitové kopie, chyba nouzového režimu a spustění sy

Napsal: 04 dub 2015 09:25
od vanicda1
Tak bohužel mi nelze stahnou frstlauncher antivir mi nelze otevřít a většina ikon z panelu nastroju nefunguje, když na ne kliknu tak se neotevřou vůbec nereaguji...a když se to podari stahnou tak mi to nepise ze soubour nebo adresar je porusen nebo není citelny :(

Re: Chyba bitové kopie, chyba nouzového režimu a spustění sy

Napsal: 04 dub 2015 09:42
od Márty84
Tak dejte log jen z FRST, bez Launcheru :)

Re: Chyba bitové kopie, chyba nouzového režimu a spustění sy

Napsal: 04 dub 2015 09:47
od vanicda1
Logfile of random's system information tool 1.10 (written by random/random)
Run by vanicda1 at 2015-04-04 10:46:17
Microsoft Windows 8.1
System drive C: has 405 GB (72%) free of 561 GB
Total RAM: 16296 MB (88% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:46:20, on 4. 4. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\vanicda1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe" /platui /runkey
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LsvUIService - Lenovo - C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McNeel Update Service 5.0 (McNeelUpdate) - Robert McNeel & Associates - C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit (mi-raysat_3dsmax2012_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TESHelper - Lenovo - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11660 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
"dwm.exe"
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe"
dashost.exe {8122e0aa-8b82-45b3-a2f675a409171214}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe"
"C:\windows\system32\mfevtps.exe"
"C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe" -Embedding
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ed9b958d-53de-465a-9e14-659948cb2ad8 -SystemEventPortName:HostProcess-8befde70-be55-4fe7-887b-fc1aef44ed85 -IoCancelEventPortName:HostProcess-27a8adeb-70ea-496b-84c6-d1322b094939 -NonStateChangingEventPortName:HostProcess-1b8ccc54-e73f-4e23-be1c-6b700f8d4a18 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b2c7f30c-3400-460b-b857-322ea4bef1ab -DeviceGroupId:WudfDefaultDevicePool
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxHK.exe
igfxTray.exe
"C:\WINDOWS\system32\igfxEM.exe" -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe" /AutoRun
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe" -start
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files\Common Files\mcafee\platform\McUICnt.exe" /platui /runkey
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe" -run

C:\Windows\System32\skydrive.exe -Embedding
adb fork-server server
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5524 CREDAT:267521 /prefetch:2
"C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe"
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsmap.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
wmiadap.exe /F /T /R
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\vanicda1\Desktop\RSITx64 (1).exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-01-21 1179576]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2014-01-21 6340312]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-03-12 3276104]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24 13667032]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-05 1379544]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-05 1379544]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-05 1379544]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-09-15 4196432]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-06-19 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-06-19 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-06-19 10841584]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 415680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2015-01-28 688984]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-03-13 7451928]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"mcpltui_exe"=C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe [2014-09-17 643064]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2015-01-19 126712]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-04-04 10:07:44 ----A---- C:\WINDOWS\system32\drivers\mferkdet.sys
2015-04-03 20:16:58 ----D---- C:\Users\vanicda1\AppData\Roaming\Malwarebytes
2015-03-31 22:55:20 ----D---- C:\Program Files\trend micro
2015-03-31 20:49:05 ----D---- C:\Program Files\CCleaner
2015-03-30 16:16:21 ----D---- C:\WINDOWS\Minidump
2015-03-19 17:33:44 ----D---- C:\Users\vanicda1\AppData\Roaming\McNeel
2015-03-19 17:30:35 ----D---- C:\ProgramData\McNeel
2015-03-19 17:30:21 ----D---- C:\Program Files (x86)\McNeelUpdate
2015-03-19 17:30:13 ----D---- C:\Program Files\Rhinoceros 5.0 (64-bit)
2015-03-18 23:12:44 ----D---- C:\Users\vanicda1\AppData\Roaming\Garmin
2015-03-18 23:12:10 ----D---- C:\ProgramData\Garmin
2015-03-18 23:12:04 ----D---- C:\Program Files (x86)\Garmin
2015-03-16 17:21:38 ----D---- C:\Users\vanicda1\AppData\Roaming\SketchUp
2015-03-16 17:18:14 ----D---- C:\ProgramData\SketchUp
2015-03-16 17:18:14 ----D---- C:\Program Files (x86)\SketchUp
2015-03-12 09:49:08 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-03-12 09:49:07 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-03-12 09:49:07 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-03-12 09:49:03 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2015-03-12 09:49:03 ----A---- C:\WINDOWS\system32\winshfhc.dll
2015-03-12 09:48:23 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\fsquirt.exe
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\rfcomm.sys
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\hidbth.sys
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\bthport.sys
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\bthenum.sys
2015-03-12 09:48:21 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-03-12 09:48:21 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\SYSWOW64\mfc42u.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\SYSWOW64\mfc42.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\SYSWOW64\atlthunk.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\system32\mfc42u.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\system32\mfc42.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\system32\atlthunk.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\system32\WSShared.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-12 09:48:07 ----A---- C:\WINDOWS\system32\WSReset.exe
2015-03-12 09:48:07 ----A---- C:\WINDOWS\system32\WSCollect.exe
2015-03-12 09:47:09 ----A---- C:\WINDOWS\SYSWOW64\StorageContextHandler.dll
2015-03-12 09:47:09 ----A---- C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-12 09:47:08 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-03-12 09:47:08 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2015-03-12 09:47:08 ----A---- C:\WINDOWS\system32\authui.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eappprxy.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\system32\eappprxy.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\system32\eapphost.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\system32\eappgnui.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\system32\eappcfg.dll
2015-03-12 09:47:06 ----A---- C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-12 09:47:05 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2015-03-12 09:47:05 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2015-03-12 09:46:36 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2015-03-12 09:46:36 ----A---- C:\WINDOWS\system32\SHCore.dll
2015-03-12 09:46:33 ----A---- C:\WINDOWS\SYSWOW64\photowiz.dll
2015-03-12 09:46:33 ----A---- C:\WINDOWS\system32\photowiz.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\prnntfy.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\printui.exe
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\findnetprinters.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\compstui.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\win32spl.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\puiapi.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\prnntfy.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\localspl.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\findnetprinters.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\compstui.dll
2015-03-12 09:46:30 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2015-03-12 09:46:30 ----A---- C:\WINDOWS\system32\printui.exe
2015-03-12 09:46:30 ----A---- C:\WINDOWS\explorer.exe
2015-03-12 09:46:29 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-03-12 09:46:29 ----A---- C:\WINDOWS\SYSWOW64\calc.exe
2015-03-12 09:46:29 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-03-12 09:46:29 ----A---- C:\WINDOWS\system32\calc.exe
2015-03-12 09:45:07 ----A---- C:\WINDOWS\system32\win32k.sys
2015-03-12 09:45:07 ----A---- C:\WINDOWS\system32\schannel.dll
2015-03-12 09:45:06 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-03-12 09:45:03 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2015-03-12 09:45:03 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-03-12 09:45:03 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\lpk.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\fontsub.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\dciman32.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-03-12 09:45:01 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-03-12 09:45:01 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\ubpm.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\rdpudd.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2015-03-12 09:43:22 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-03-12 09:43:21 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-03-12 09:43:20 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-03-12 09:43:19 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-03-12 09:43:19 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-03-12 09:43:17 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-03-12 09:43:16 ----A---- C:\WINDOWS\system32\wininet.dll
2015-03-12 09:43:15 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-03-12 09:43:15 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-03-12 09:43:15 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-03-12 09:43:13 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-03-12 09:43:13 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-03-12 09:43:13 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-03-12 09:43:13 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\system32\jscript.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-03-12 09:42:52 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2015-03-12 09:42:52 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-12 09:42:51 ----A---- C:\WINDOWS\system32\shell32.dll
2015-03-12 09:42:50 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-03-12 09:42:26 ----A---- C:\WINDOWS\SYSWOW64\WMPhoto.dll
2015-03-12 09:42:26 ----A---- C:\WINDOWS\system32\WMPhoto.dll
2015-03-12 09:41:33 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2015-03-12 09:41:33 ----A---- C:\WINDOWS\system32\msctf.dll
2015-03-07 23:56:19 ----D---- C:\Users\vanicda1\AppData\Roaming\Maxthon3
2015-03-05 23:05:38 ----D---- C:\Users\vanicda1\AppData\Roaming\BSplayer PRO
2015-03-05 23:05:38 ----D---- C:\Program Files (x86)\Webteh

======List of files/folders modified in the last 1 month======

2015-04-04 10:46:18 ----D---- C:\WINDOWS\Temp
2015-04-04 10:42:50 ----D---- C:\WINDOWS\Prefetch
2015-04-04 10:19:47 ----RD---- C:\Program Files
2015-04-04 10:07:44 ----D---- C:\WINDOWS\system32\drivers
2015-04-04 10:00:00 ----D---- C:\WINDOWS\system32\sru
2015-04-04 09:51:18 ----D---- C:\WINDOWS\Inf
2015-04-04 09:51:18 ----AD---- C:\WINDOWS\System32
2015-04-04 09:51:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-04 09:32:30 ----RD---- C:\Program Files (x86)
2015-04-03 20:16:13 ----D---- C:\ProgramData\Malwarebytes
2015-04-03 18:59:33 ----D---- C:\WINDOWS\system32\catroot2
2015-04-03 18:59:24 ----D---- C:\AdwCleaner
2015-04-03 10:26:30 ----D---- C:\WINDOWS\system32\wdi
2015-04-01 22:51:48 ----SHD---- C:\found.000
2015-03-31 21:43:11 ----D---- C:\WINDOWS\system32\wbem
2015-03-31 21:34:02 ----HD---- C:\ProgramData
2015-03-31 21:34:02 ----AD---- C:\Windows
2015-03-31 21:32:58 ----D---- C:\ProgramData\Avira
2015-03-31 21:16:22 ----D---- C:\Program Files (x86)\McAfee
2015-03-31 21:05:27 ----D---- C:\WINDOWS\SoftwareDistribution
2015-03-31 20:58:30 ----D---- C:\Program Files (x86)\Google
2015-03-31 20:58:29 ----D---- C:\WINDOWS\Tasks
2015-03-31 20:58:26 ----SHD---- C:\WINDOWS\Installer
2015-03-31 20:53:50 ----D---- C:\Users\vanicda1\AppData\Roaming\uTorrent
2015-03-31 20:53:26 ----DC---- C:\WINDOWS\Panther
2015-03-31 20:53:26 ----D---- C:\WINDOWS\Logs
2015-03-31 20:53:26 ----D---- C:\WINDOWS\debug
2015-03-31 20:49:14 ----D---- C:\WINDOWS\system32\Tasks
2015-03-30 16:36:57 ----SHD---- C:\System Volume Information
2015-03-30 16:02:29 ----D---- C:\WINDOWS\Microsoft.NET
2015-03-30 10:37:48 ----D---- C:\WINDOWS\AppReadiness
2015-03-26 15:08:44 ----D---- C:\WINDOWS\system32\config
2015-03-19 17:33:43 ----D---- C:\Users\vanicda1\AppData\Roaming\NVIDIA
2015-03-19 17:31:05 ----D---- C:\WINDOWS\WinSxS
2015-03-19 17:30:38 ----RSD---- C:\WINDOWS\assembly
2015-03-19 17:30:13 ----D---- C:\Program Files (x86)\Common Files
2015-03-19 11:32:48 ----D---- C:\WINDOWS\system32\catroot
2015-03-18 23:12:34 ----D---- C:\WINDOWS\system32\DriverStore
2015-03-18 23:12:33 ----D---- C:\Program Files\DIFX
2015-03-18 23:11:52 ----D---- C:\ProgramData\Package Cache
2015-03-16 17:18:48 ----D---- C:\WINDOWS\SysWOW64
2015-03-15 15:14:36 ----D---- C:\WINDOWS\rescache
2015-03-15 14:03:36 ----HD---- C:\Program Files\WindowsApps
2015-03-13 15:39:57 ----D---- C:\Program Files\Internet Explorer
2015-03-13 15:39:57 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-13 15:39:55 ----RD---- C:\WINDOWS\ToastData
2015-03-13 15:39:52 ----D---- C:\Program Files\Windows Defender
2015-03-13 15:39:51 ----D---- C:\Program Files (x86)\Windows Defender
2015-03-13 15:39:49 ----D---- C:\WINDOWS\SYSWOW64\en-US
2015-03-13 15:39:49 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-03-13 15:39:49 ----D---- C:\WINDOWS\system32\en-US
2015-03-13 15:39:49 ----D---- C:\WINDOWS\system32\cs-CZ
2015-03-13 15:39:44 ----D---- C:\WINDOWS\WinStore
2015-03-12 10:55:24 ----D---- C:\WINDOWS\CbsTemp
2015-03-12 10:54:02 ----D---- C:\WINDOWS\system32\MRT
2015-03-12 10:50:11 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2014-10-01 786304]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\WINDOWS\system32\drivers\mfewfpk.sys [2014-10-01 348560]
R3 ACPIVPC;@oem41.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-06-19 35576]
R3 AthBTPort;@oem17.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-12-24 89800]
R3 athr;@oem40.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-11-13 3880448]
R3 BTATH_A2DP;@oem16.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-12-24 338120]
R3 btath_avdt;@oem16.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-12-24 116424]
R3 BTATH_BUS;@oem14.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-12-24 34384]
R3 BTATH_HCRP;@oem19.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-12-24 179432]
R3 BTATH_LWFLT;@oem21.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-12-24 77464]
R3 BTATH_RCP;@oem23.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-12-24 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2013-12-24 597192]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [2014-10-01 72136]
R3 ETD;@oem37.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2014-03-12 401160]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2014-03-11 24904]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-04-16 3785216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-03-11 3891800]
R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MEIx64;@oem5.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2014-10-01 181584]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2014-10-01 313680]
R3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [2014-10-01 526360]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [2014-09-19 447440]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-01-24 12661536]
R3 nvvad_WaveExtensible;@oem11.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem12.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 RTSPER;@oem13.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-10-24 444632]
R3 rtsuvc;@oem27.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2014-01-21 9105624]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\WINDOWS\system32\drivers\mfeelamk.sys [2014-10-01 70608]
S1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys []
S1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys []
S2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2013-09-23 197704]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-04-16 450520]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2014-09-19 96600]
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2015-04-04 108440]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-12-24 318592]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-01-19 182520]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-15 101680]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2015-01-28 517464]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-04-16 296432]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-06-19 198192]
R2 LsvUIService;LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [2014-06-19 70416]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-02-13 1851192]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2015-01-13 562200]
R2 mccspsvc;McAfee CSP Service; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [2014-11-21 422632]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 McNeelUpdate;McNeel Update Service 5.0; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2012-10-25 67752]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-11-06 1050952]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-10-01 221832]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\windows\system32\mfevtps.exe [2014-10-01 189920]
R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-01-24 922912]
R2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-02-26 512776]
R2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-02-26 167176]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-06-19 288240]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2014-06-19 68880]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-16 131544]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-04-16 279024]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-02-26 1432400]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [2013-07-30 334608]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2015-01-07 601864]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-06-19 308720]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TESHelper;TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [2014-06-19 104696]
S4 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]

-----------------EOF-----------------

Re: Chyba bitové kopie, chyba nouzového režimu a spustění sy

Napsal: 04 dub 2015 09:47
od vanicda1
Logfile of random's system information tool 1.10 (written by random/random)
Run by vanicda1 at 2015-04-04 10:46:17
Microsoft Windows 8.1
System drive C: has 405 GB (72%) free of 561 GB
Total RAM: 16296 MB (88% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:46:20, on 4. 4. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\vanicda1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe" /platui /runkey
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LsvUIService - Lenovo - C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McNeel Update Service 5.0 (McNeelUpdate) - Robert McNeel & Associates - C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit (mi-raysat_3dsmax2012_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TESHelper - Lenovo - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11660 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
"dwm.exe"
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe"
dashost.exe {8122e0aa-8b82-45b3-a2f675a409171214}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe"
"C:\windows\system32\mfevtps.exe"
"C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe" -Embedding
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ed9b958d-53de-465a-9e14-659948cb2ad8 -SystemEventPortName:HostProcess-8befde70-be55-4fe7-887b-fc1aef44ed85 -IoCancelEventPortName:HostProcess-27a8adeb-70ea-496b-84c6-d1322b094939 -NonStateChangingEventPortName:HostProcess-1b8ccc54-e73f-4e23-be1c-6b700f8d4a18 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b2c7f30c-3400-460b-b857-322ea4bef1ab -DeviceGroupId:WudfDefaultDevicePool
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxHK.exe
igfxTray.exe
"C:\WINDOWS\system32\igfxEM.exe" -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe" /AutoRun
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe" -start
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files\Common Files\mcafee\platform\McUICnt.exe" /platui /runkey
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe" -run

C:\Windows\System32\skydrive.exe -Embedding
adb fork-server server
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5524 CREDAT:267521 /prefetch:2
"C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe"
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsmap.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
wmiadap.exe /F /T /R
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\vanicda1\Desktop\RSITx64 (1).exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-01-21 1179576]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2014-01-21 6340312]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-03-12 3276104]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24 13667032]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-05 1379544]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-05 1379544]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-05 1379544]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-09-15 4196432]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-06-19 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-06-19 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-06-19 10841584]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 415680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2015-01-28 688984]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-03-13 7451928]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"mcpltui_exe"=C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe [2014-09-17 643064]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2015-01-19 126712]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-04-04 10:07:44 ----A---- C:\WINDOWS\system32\drivers\mferkdet.sys
2015-04-03 20:16:58 ----D---- C:\Users\vanicda1\AppData\Roaming\Malwarebytes
2015-03-31 22:55:20 ----D---- C:\Program Files\trend micro
2015-03-31 20:49:05 ----D---- C:\Program Files\CCleaner
2015-03-30 16:16:21 ----D---- C:\WINDOWS\Minidump
2015-03-19 17:33:44 ----D---- C:\Users\vanicda1\AppData\Roaming\McNeel
2015-03-19 17:30:35 ----D---- C:\ProgramData\McNeel
2015-03-19 17:30:21 ----D---- C:\Program Files (x86)\McNeelUpdate
2015-03-19 17:30:13 ----D---- C:\Program Files\Rhinoceros 5.0 (64-bit)
2015-03-18 23:12:44 ----D---- C:\Users\vanicda1\AppData\Roaming\Garmin
2015-03-18 23:12:10 ----D---- C:\ProgramData\Garmin
2015-03-18 23:12:04 ----D---- C:\Program Files (x86)\Garmin
2015-03-16 17:21:38 ----D---- C:\Users\vanicda1\AppData\Roaming\SketchUp
2015-03-16 17:18:14 ----D---- C:\ProgramData\SketchUp
2015-03-16 17:18:14 ----D---- C:\Program Files (x86)\SketchUp
2015-03-12 09:49:08 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-03-12 09:49:07 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-03-12 09:49:07 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-03-12 09:49:03 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2015-03-12 09:49:03 ----A---- C:\WINDOWS\system32\winshfhc.dll
2015-03-12 09:48:23 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\fsquirt.exe
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\rfcomm.sys
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\hidbth.sys
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\bthport.sys
2015-03-12 09:48:22 ----AC---- C:\WINDOWS\system32\drivers\bthenum.sys
2015-03-12 09:48:21 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-03-12 09:48:21 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\SYSWOW64\mfc42u.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\SYSWOW64\mfc42.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\SYSWOW64\atlthunk.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\system32\mfc42u.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\system32\mfc42.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-12 09:48:18 ----A---- C:\WINDOWS\system32\atlthunk.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\system32\WSShared.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-12 09:48:08 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-12 09:48:07 ----A---- C:\WINDOWS\system32\WSReset.exe
2015-03-12 09:48:07 ----A---- C:\WINDOWS\system32\WSCollect.exe
2015-03-12 09:47:09 ----A---- C:\WINDOWS\SYSWOW64\StorageContextHandler.dll
2015-03-12 09:47:09 ----A---- C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-12 09:47:08 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-03-12 09:47:08 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2015-03-12 09:47:08 ----A---- C:\WINDOWS\system32\authui.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eappprxy.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\system32\eappprxy.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\system32\eapphost.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\system32\eappgnui.dll
2015-03-12 09:47:07 ----A---- C:\WINDOWS\system32\eappcfg.dll
2015-03-12 09:47:06 ----A---- C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-12 09:47:05 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2015-03-12 09:47:05 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2015-03-12 09:46:36 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2015-03-12 09:46:36 ----A---- C:\WINDOWS\system32\SHCore.dll
2015-03-12 09:46:33 ----A---- C:\WINDOWS\SYSWOW64\photowiz.dll
2015-03-12 09:46:33 ----A---- C:\WINDOWS\system32\photowiz.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\prnntfy.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\printui.exe
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\findnetprinters.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\SYSWOW64\compstui.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\win32spl.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\puiapi.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\prnntfy.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\localspl.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\findnetprinters.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-12 09:46:31 ----A---- C:\WINDOWS\system32\compstui.dll
2015-03-12 09:46:30 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2015-03-12 09:46:30 ----A---- C:\WINDOWS\system32\printui.exe
2015-03-12 09:46:30 ----A---- C:\WINDOWS\explorer.exe
2015-03-12 09:46:29 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-03-12 09:46:29 ----A---- C:\WINDOWS\SYSWOW64\calc.exe
2015-03-12 09:46:29 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-03-12 09:46:29 ----A---- C:\WINDOWS\system32\calc.exe
2015-03-12 09:45:07 ----A---- C:\WINDOWS\system32\win32k.sys
2015-03-12 09:45:07 ----A---- C:\WINDOWS\system32\schannel.dll
2015-03-12 09:45:06 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-03-12 09:45:03 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2015-03-12 09:45:03 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-03-12 09:45:03 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\lpk.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\fontsub.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\dciman32.dll
2015-03-12 09:45:02 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-03-12 09:45:01 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-03-12 09:45:01 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\ubpm.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\rdpudd.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2015-03-12 09:44:56 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2015-03-12 09:43:22 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-03-12 09:43:21 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-03-12 09:43:20 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-03-12 09:43:19 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-03-12 09:43:19 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-03-12 09:43:17 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-03-12 09:43:16 ----A---- C:\WINDOWS\system32\wininet.dll
2015-03-12 09:43:15 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-03-12 09:43:15 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-03-12 09:43:15 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-03-12 09:43:14 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-03-12 09:43:13 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-03-12 09:43:13 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-03-12 09:43:13 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-03-12 09:43:13 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-03-12 09:43:12 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\system32\jscript.dll
2015-03-12 09:43:11 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-03-12 09:42:52 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2015-03-12 09:42:52 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-12 09:42:51 ----A---- C:\WINDOWS\system32\shell32.dll
2015-03-12 09:42:50 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-03-12 09:42:26 ----A---- C:\WINDOWS\SYSWOW64\WMPhoto.dll
2015-03-12 09:42:26 ----A---- C:\WINDOWS\system32\WMPhoto.dll
2015-03-12 09:41:33 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2015-03-12 09:41:33 ----A---- C:\WINDOWS\system32\msctf.dll
2015-03-07 23:56:19 ----D---- C:\Users\vanicda1\AppData\Roaming\Maxthon3
2015-03-05 23:05:38 ----D---- C:\Users\vanicda1\AppData\Roaming\BSplayer PRO
2015-03-05 23:05:38 ----D---- C:\Program Files (x86)\Webteh

======List of files/folders modified in the last 1 month======

2015-04-04 10:46:18 ----D---- C:\WINDOWS\Temp
2015-04-04 10:42:50 ----D---- C:\WINDOWS\Prefetch
2015-04-04 10:19:47 ----RD---- C:\Program Files
2015-04-04 10:07:44 ----D---- C:\WINDOWS\system32\drivers
2015-04-04 10:00:00 ----D---- C:\WINDOWS\system32\sru
2015-04-04 09:51:18 ----D---- C:\WINDOWS\Inf
2015-04-04 09:51:18 ----AD---- C:\WINDOWS\System32
2015-04-04 09:51:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-04 09:32:30 ----RD---- C:\Program Files (x86)
2015-04-03 20:16:13 ----D---- C:\ProgramData\Malwarebytes
2015-04-03 18:59:33 ----D---- C:\WINDOWS\system32\catroot2
2015-04-03 18:59:24 ----D---- C:\AdwCleaner
2015-04-03 10:26:30 ----D---- C:\WINDOWS\system32\wdi
2015-04-01 22:51:48 ----SHD---- C:\found.000
2015-03-31 21:43:11 ----D---- C:\WINDOWS\system32\wbem
2015-03-31 21:34:02 ----HD---- C:\ProgramData
2015-03-31 21:34:02 ----AD---- C:\Windows
2015-03-31 21:32:58 ----D---- C:\ProgramData\Avira
2015-03-31 21:16:22 ----D---- C:\Program Files (x86)\McAfee
2015-03-31 21:05:27 ----D---- C:\WINDOWS\SoftwareDistribution
2015-03-31 20:58:30 ----D---- C:\Program Files (x86)\Google
2015-03-31 20:58:29 ----D---- C:\WINDOWS\Tasks
2015-03-31 20:58:26 ----SHD---- C:\WINDOWS\Installer
2015-03-31 20:53:50 ----D---- C:\Users\vanicda1\AppData\Roaming\uTorrent
2015-03-31 20:53:26 ----DC---- C:\WINDOWS\Panther
2015-03-31 20:53:26 ----D---- C:\WINDOWS\Logs
2015-03-31 20:53:26 ----D---- C:\WINDOWS\debug
2015-03-31 20:49:14 ----D---- C:\WINDOWS\system32\Tasks
2015-03-30 16:36:57 ----SHD---- C:\System Volume Information
2015-03-30 16:02:29 ----D---- C:\WINDOWS\Microsoft.NET
2015-03-30 10:37:48 ----D---- C:\WINDOWS\AppReadiness
2015-03-26 15:08:44 ----D---- C:\WINDOWS\system32\config
2015-03-19 17:33:43 ----D---- C:\Users\vanicda1\AppData\Roaming\NVIDIA
2015-03-19 17:31:05 ----D---- C:\WINDOWS\WinSxS
2015-03-19 17:30:38 ----RSD---- C:\WINDOWS\assembly
2015-03-19 17:30:13 ----D---- C:\Program Files (x86)\Common Files
2015-03-19 11:32:48 ----D---- C:\WINDOWS\system32\catroot
2015-03-18 23:12:34 ----D---- C:\WINDOWS\system32\DriverStore
2015-03-18 23:12:33 ----D---- C:\Program Files\DIFX
2015-03-18 23:11:52 ----D---- C:\ProgramData\Package Cache
2015-03-16 17:18:48 ----D---- C:\WINDOWS\SysWOW64
2015-03-15 15:14:36 ----D---- C:\WINDOWS\rescache
2015-03-15 14:03:36 ----HD---- C:\Program Files\WindowsApps
2015-03-13 15:39:57 ----D---- C:\Program Files\Internet Explorer
2015-03-13 15:39:57 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-13 15:39:55 ----RD---- C:\WINDOWS\ToastData
2015-03-13 15:39:52 ----D---- C:\Program Files\Windows Defender
2015-03-13 15:39:51 ----D---- C:\Program Files (x86)\Windows Defender
2015-03-13 15:39:49 ----D---- C:\WINDOWS\SYSWOW64\en-US
2015-03-13 15:39:49 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-03-13 15:39:49 ----D---- C:\WINDOWS\system32\en-US
2015-03-13 15:39:49 ----D---- C:\WINDOWS\system32\cs-CZ
2015-03-13 15:39:44 ----D---- C:\WINDOWS\WinStore
2015-03-12 10:55:24 ----D---- C:\WINDOWS\CbsTemp
2015-03-12 10:54:02 ----D---- C:\WINDOWS\system32\MRT
2015-03-12 10:50:11 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2014-10-01 786304]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\WINDOWS\system32\drivers\mfewfpk.sys [2014-10-01 348560]
R3 ACPIVPC;@oem41.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-06-19 35576]
R3 AthBTPort;@oem17.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-12-24 89800]
R3 athr;@oem40.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-11-13 3880448]
R3 BTATH_A2DP;@oem16.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-12-24 338120]
R3 btath_avdt;@oem16.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-12-24 116424]
R3 BTATH_BUS;@oem14.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-12-24 34384]
R3 BTATH_HCRP;@oem19.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-12-24 179432]
R3 BTATH_LWFLT;@oem21.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-12-24 77464]
R3 BTATH_RCP;@oem23.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-12-24 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2013-12-24 597192]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [2014-10-01 72136]
R3 ETD;@oem37.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2014-03-12 401160]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2014-03-11 24904]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-04-16 3785216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-03-11 3891800]
R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MEIx64;@oem5.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2014-10-01 181584]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2014-10-01 313680]
R3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [2014-10-01 526360]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [2014-09-19 447440]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-01-24 12661536]
R3 nvvad_WaveExtensible;@oem11.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem12.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 RTSPER;@oem13.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-10-24 444632]
R3 rtsuvc;@oem27.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2014-01-21 9105624]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\WINDOWS\system32\drivers\mfeelamk.sys [2014-10-01 70608]
S1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys []
S1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys []
S2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2013-09-23 197704]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-04-16 450520]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2014-09-19 96600]
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2015-04-04 108440]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-12-24 318592]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-01-19 182520]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-15 101680]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2015-01-28 517464]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-04-16 296432]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-06-19 198192]
R2 LsvUIService;LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [2014-06-19 70416]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-02-13 1851192]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2015-01-13 562200]
R2 mccspsvc;McAfee CSP Service; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [2014-11-21 422632]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 McNeelUpdate;McNeel Update Service 5.0; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2012-10-25 67752]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-11-06 1050952]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-10-01 221832]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\windows\system32\mfevtps.exe [2014-10-01 189920]
R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-01-24 922912]
R2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-02-26 512776]
R2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-02-26 167176]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-06-19 288240]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2014-06-19 68880]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-16 131544]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-04-16 279024]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-02-26 1432400]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [2013-07-30 334608]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2015-01-07 601864]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-06-19 308720]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TESHelper;TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [2014-06-19 104696]
S4 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]

-----------------EOF-----------------

Re: Chyba bitové kopie, chyba nouzového režimu a spustění sy

Napsal: 04 dub 2015 10:36
od Márty84
:arrow: Pouzijte ten odinstalator McAfee http://download.mcafee.com/products/lic ... s/MCPR.exe

:arrow: Potom dejte logy z FRST http://www.bleepingcomputer.com/downloa ... ool/dl/82/ - bez pouziti Launcheru (to co jste tu dala je RSIT :) )

Re: Chyba bitové kopie, chyba nouzového režimu a spustění sy

Napsal: 04 dub 2015 11:07
od vanicda1
tak odinstalator jsem použila pak sem restartovala pocitac ale ten mcafee mi tu stále vyskakuje a pak objevuje se i okynko po startu: prosim reinstalujte mcafee tento program nepracuje spravne..

a tady log z FRST

pak pridaám ještě addition log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by vanicda1 (administrator) on DADYNA on 04-04-2015 12:03:10
Running from C:\Users\vanicda1\Desktop
Loaded Profiles: vanicda1 (Available profiles: vanicda1 & Tomáš Fiedler & Administrator & Guest)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.3.336.0\McCSPServiceHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-03-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-06-19] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-06-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-06-19] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-06] (Autodesk, Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] ( ())
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3278468689-3164472910-983495835-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3278468689-3164472910-983495835-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-3278468689-3164472910-983495835-1001\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3278468689-3164472910-983495835-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3278468689-3164472910-983495835-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3278468689-3164472910-983495835-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-3278468689-3164472910-983495835-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3278468689-3164472910-983495835-1001 -> {E9D3406B-76C0-41E0-B3B5-69E709FFAF76} URL =
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-01-13] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-01-13] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\vanicda1\AppData\Roaming\Mozilla\Firefox\Profiles\e2pBjrg9.default
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)
FF Extension: Avira Browser Safety - C:\Users\vanicda1\AppData\Roaming\Mozilla\Firefox\Profiles\e2pBjrg9.default\Extensions\abs@avira.com [2015-02-13]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-06-19]

Chrome:
=======
CHR Profile: C:\Users\vanicda1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\vanicda1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-13]
CHR Extension: (Google Docs) - C:\Users\vanicda1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Google Drive) - C:\Users\vanicda1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-13]
CHR Extension: (YouTube) - C:\Users\vanicda1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-13]
CHR Extension: (Google Search) - C:\Users\vanicda1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-13]
CHR Extension: (Google Sheets) - C:\Users\vanicda1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-13]
CHR Extension: (Avira SafeSearch) - C:\Users\vanicda1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldmiahjidflgnbiadknkmaimfpjkelng [2015-02-13]
CHR Extension: (Google Wallet) - C:\Users\vanicda1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-13]
CHR Extension: (No Name) - C:\Users\vanicda1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-16] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] () [File not signed]
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] () [File not signed]
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-06-19] (Lenovo(beijing) Limited)
S2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616 2013-09-16] () [File not signed]
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-06-19] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1851192 2015-02-13] (Maxthon)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-01-13] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-30] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel & Associates)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2015-01-07] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-26] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-26] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-06-19] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-06-19] (Lenovo)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-06-19] (Lenovo)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2014-06-19] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-12-24] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3880448 2013-11-13] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [29696 2013-08-22] () [File not signed]
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [24904 2014-03-11] (ELAN Microelectronic Corp.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [108440 2015-04-04] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-24] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S2 avgntflt; system32\DRIVERS\avgntflt.sys [X]
S1 avipbb; \SystemRoot\system32\DRIVERS\avipbb.sys [X]
S1 avkmgr; \SystemRoot\system32\DRIVERS\avkmgr.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-04 12:03 - 2015-04-04 12:03 - 00021582 _____ () C:\Users\vanicda1\Desktop\FRST.txt
2015-04-04 12:03 - 2015-04-04 12:03 - 00000000 ____D () C:\FRST
2015-04-04 12:02 - 2015-04-04 12:02 - 02095616 _____ (Farbar) C:\Users\vanicda1\Desktop\FRST64.exe
2015-04-04 11:56 - 2015-04-04 11:56 - 03480040 _____ (McAfee, Inc.) C:\Users\vanicda1\Downloads\MCPR.exe
2015-04-04 10:45 - 2015-04-04 10:45 - 00000000 _____ () C:\Users\vanicda1\Desktop\FRSTLauncher.exe.o4hc3kv.partial
2015-04-04 10:21 - 2015-04-04 10:21 - 00112640 _____ () C:\Users\vanicda1\Desktop\FRSTLauncher.exe
2015-04-04 10:07 - 2015-04-04 10:07 - 00108440 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mferkdet.sys
2015-04-03 20:16 - 2015-04-03 20:16 - 00000000 ____D () C:\Users\vanicda1\AppData\Roaming\Malwarebytes
2015-04-03 20:15 - 2015-04-03 20:15 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\vanicda1\Downloads\mbam-setup-1.75.0.1300.exe
2015-04-03 18:54 - 2015-04-03 18:54 - 02208768 _____ () C:\Users\vanicda1\Desktop\adwcleaner_4.200.exe
2015-04-01 23:05 - 2015-04-01 23:05 - 00028400 _____ () C:\Users\vanicda1\Downloads\CLP_Educational.xlsx
2015-04-01 21:49 - 2015-04-01 21:50 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\vanicda1\Downloads\mbam-setup-2.1.4.1018 (1).exe
2015-03-31 22:55 - 2015-04-04 10:46 - 00000000 ____D () C:\Program Files\trend micro
2015-03-31 22:55 - 2015-03-31 22:55 - 01222144 _____ () C:\Users\vanicda1\Desktop\RSITx64 (1).exe
2015-03-31 22:29 - 2015-03-31 22:29 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\vanicda1\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-31 22:18 - 2015-04-03 18:50 - 00000000 ____D () C:\Users\Guest\AppData\Local\CrashDumps
2015-03-31 21:34 - 2015-04-04 09:28 - 00003060 _____ () C:\WINDOWS\PFRO.log
2015-03-31 21:30 - 2015-03-31 21:30 - 05315120 _____ (McAfee, Inc.) C:\Users\vanicda1\Downloads\McAfeeSetup.exe
2015-03-31 21:07 - 2015-04-04 11:58 - 00006704 _____ () C:\WINDOWS\setupact.log
2015-03-31 21:07 - 2015-03-31 21:07 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-31 21:06 - 2015-03-31 21:06 - 00000864 _____ () C:\Users\vanicda1\Documents\cc_20150331_210609.reg
2015-03-31 21:05 - 2015-03-31 21:05 - 00007802 _____ () C:\Users\vanicda1\Documents\cc_20150331_210550.reg
2015-03-31 20:55 - 2015-03-31 20:55 - 00249304 _____ () C:\Users\vanicda1\Documents\cc_20150331_205456.reg
2015-03-31 20:55 - 2015-03-31 20:55 - 00067976 _____ () C:\Users\vanicda1\Documents\cc_20150331_205525.reg
2015-03-31 20:55 - 2015-03-31 20:55 - 00005018 _____ () C:\Users\vanicda1\Documents\cc_20150331_205538.reg
2015-03-31 20:49 - 2015-03-31 20:49 - 00002792 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-03-31 20:49 - 2015-03-31 20:49 - 00000845 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-31 20:49 - 2015-03-31 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-03-31 20:49 - 2015-03-31 20:49 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-31 20:48 - 2015-03-31 20:48 - 05344528 _____ (Piriform Ltd) C:\Users\vanicda1\Downloads\ccsetup504.exe
2015-03-30 16:16 - 2015-03-31 20:53 - 00000000 ____D () C:\WINDOWS\Minidump
2015-03-23 12:28 - 2015-03-23 12:28 - 17795695 _____ () C:\Users\vanicda1\Downloads\graficka_cast_UP_Harrachov.zip
2015-03-21 18:17 - 2015-03-21 18:30 - 00000000 ____D () C:\Users\vanicda1\Downloads\The Lord of the Rings The Return of the King EXTENDED (2003)
2015-03-21 00:00 - 2015-03-21 23:09 - 00000000 ____D () C:\Users\vanicda1\Downloads\The Lord of the Rings - The Two Towers (2002)
2015-03-20 23:59 - 2015-03-22 16:54 - 00000000 ____D () C:\Users\vanicda1\Downloads\Ink.2009.BRRIP.720P.H264-ZEKTORM
2015-03-20 23:57 - 2015-03-22 12:30 - 00000000 ____D () C:\Users\vanicda1\Downloads\The Worlds End (2013) DVDRip XviD-MAXSPEED
2015-03-20 00:37 - 2015-03-20 00:37 - 00000000 ____D () C:\Users\vanicda1\AppData\Local\3dmouse
2015-03-19 17:33 - 2015-03-19 17:33 - 00000000 ____D () C:\Users\vanicda1\AppData\Roaming\McNeel
2015-03-19 17:33 - 2015-03-19 17:33 - 00000000 ____D () C:\Users\vanicda1\AppData\Local\McNeel
2015-03-19 17:30 - 2015-03-31 22:52 - 00000000 ____D () C:\Program Files\Rhinoceros 5.0 (64-bit)
2015-03-19 17:30 - 2015-03-19 17:33 - 00000000 ____D () C:\ProgramData\McNeel
2015-03-19 17:30 - 2015-03-19 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rhinoceros 5.0
2015-03-19 17:30 - 2015-03-19 17:30 - 00000000 ____D () C:\Program Files (x86)\McNeelUpdate
2015-03-18 23:12 - 2015-03-18 23:12 - 00003556 _____ () C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2015-03-18 23:12 - 2015-03-18 23:12 - 00000000 ____D () C:\Users\vanicda1\AppData\Roaming\Garmin
2015-03-18 23:12 - 2015-03-18 23:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Garmin
2015-03-18 23:12 - 2015-03-18 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-03-18 23:12 - 2015-03-18 23:12 - 00000000 ____D () C:\ProgramData\Garmin
2015-03-18 23:12 - 2015-03-18 23:12 - 00000000 ____D () C:\Program Files (x86)\Garmin
2015-03-18 23:09 - 2015-03-18 23:09 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Macromedia
2015-03-18 23:08 - 2015-03-18 23:08 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieUserList
2015-03-18 23:08 - 2015-03-18 23:08 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieSiteList
2015-03-18 23:08 - 2015-03-18 23:08 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieBrowserModeList
2015-03-16 17:21 - 2015-03-16 17:21 - 00000000 ____D () C:\Users\vanicda1\AppData\Roaming\SketchUp
2015-03-16 17:18 - 2015-03-16 17:18 - 00003120 _____ () C:\WINDOWS\SysWOW64\ALLFSAF14a.ocx
2015-03-16 17:18 - 2015-03-16 17:18 - 00000000 ____D () C:\ProgramData\SketchUp
2015-03-16 17:18 - 2015-03-16 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2014
2015-03-16 17:18 - 2015-03-16 17:18 - 00000000 ____D () C:\Program Files (x86)\SketchUp
2015-03-15 19:33 - 2015-03-15 23:20 - 00000000 ____D () C:\Users\vanicda1\Downloads\The Hobbit The Battle of the Five Armies (2014) DVDSCR XviD-MAXSPEED
2015-03-15 13:48 - 2015-03-15 15:54 - 00000000 ____D () C:\Users\vanicda1\Downloads\Focus.2015.HC.HDRip.XViD.AC3-juggs[ETRG]
2015-03-15 12:48 - 2015-03-15 12:48 - 00000000 ____D () C:\Users\vanicda1\Downloads\Chappie.2015.NEW.ViDEO.CAM.XViD-FANTA
2015-03-13 13:53 - 2015-03-13 13:53 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\BSplayer PRO
2015-03-12 09:49 - 2015-02-04 01:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-12 09:49 - 2015-02-04 01:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-12 09:49 - 2015-02-04 01:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-12 09:49 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-12 09:49 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-12 09:48 - 2015-02-07 01:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-12 09:48 - 2015-02-06 03:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-12 09:48 - 2015-02-06 03:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-12 09:48 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-12 09:48 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-12 09:48 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-12 09:48 - 2015-01-30 05:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-12 09:48 - 2015-01-30 05:00 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-12 09:48 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-12 09:48 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-12 09:48 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-12 09:48 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-12 09:48 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-12 09:48 - 2015-01-29 03:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-12 09:48 - 2015-01-29 03:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-12 09:48 - 2015-01-29 02:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-12 09:48 - 2015-01-29 02:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-12 09:48 - 2014-10-29 04:46 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-03-12 09:48 - 2014-10-29 04:46 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-03-12 09:48 - 2014-10-29 04:45 - 01198080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-03-12 09:48 - 2014-10-29 04:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-12 09:48 - 2014-10-29 04:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-12 09:48 - 2014-10-29 04:03 - 00241152 ____C (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2015-03-12 09:48 - 2014-10-29 03:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-12 09:48 - 2014-10-29 03:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-12 09:48 - 2014-10-29 02:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-12 09:47 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-12 09:47 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-12 09:47 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-12 09:47 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-12 09:47 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-12 09:47 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-12 09:47 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-12 09:47 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-12 09:47 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-12 09:47 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-12 09:47 - 2015-01-29 02:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-12 09:47 - 2015-01-29 02:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-12 09:47 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-12 09:47 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-12 09:47 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-12 09:47 - 2014-10-29 03:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-12 09:47 - 2014-10-29 02:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-12 09:46 - 2015-01-31 01:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-12 09:46 - 2015-01-31 01:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-12 09:46 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-12 09:46 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-12 09:46 - 2015-01-29 03:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-12 09:46 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-12 09:46 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-12 09:46 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-12 09:46 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-12 09:46 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-12 09:46 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-12 09:46 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-12 09:46 - 2014-10-29 04:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-12 09:46 - 2014-10-29 04:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-12 09:46 - 2014-10-29 04:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-12 09:46 - 2014-10-29 03:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-12 09:46 - 2014-10-29 03:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-12 09:46 - 2014-10-29 03:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-12 09:46 - 2014-10-29 03:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-12 09:46 - 2014-10-29 03:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-12 09:46 - 2014-10-29 03:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-12 09:46 - 2014-10-29 03:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-12 09:46 - 2014-10-29 02:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-12 09:46 - 2014-10-29 02:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-12 09:46 - 2014-10-29 02:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-12 09:46 - 2014-10-29 02:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-12 09:45 - 2015-03-06 04:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-12 09:45 - 2015-03-06 04:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-12 09:45 - 2015-02-26 01:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-12 09:45 - 2015-02-20 05:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-12 09:45 - 2015-02-20 04:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-12 09:45 - 2015-02-20 04:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-12 09:45 - 2015-02-20 04:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-12 09:45 - 2015-01-28 17:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-12 09:45 - 2015-01-28 17:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-12 09:45 - 2015-01-28 17:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-12 09:45 - 2014-10-29 04:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-12 09:45 - 2014-10-29 04:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-12 09:45 - 2014-10-29 04:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-12 09:45 - 2014-10-29 04:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-03-12 09:45 - 2014-10-29 04:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-03-12 09:45 - 2014-10-29 04:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-03-12 09:44 - 2015-01-31 01:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-12 09:44 - 2015-01-27 06:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-12 09:44 - 2015-01-27 04:11 - 03547648 _____ () C:\WINDOWS\system32\rdpcorets.dll
2015-03-12 09:44 - 2014-10-29 05:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-12 09:44 - 2014-10-29 04:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-12 09:43 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-12 09:43 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-12 09:43 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-12 09:43 - 2015-02-21 02:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-12 09:43 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-12 09:43 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-12 09:43 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-12 09:43 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-12 09:43 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-12 09:43 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-12 09:43 - 2015-02-20 04:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-12 09:43 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-12 09:43 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-12 09:43 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-12 09:43 - 2015-02-20 04:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-12 09:43 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-12 09:43 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-12 09:43 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-12 09:43 - 2015-02-20 03:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-12 09:43 - 2015-02-20 03:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-12 09:43 - 2015-02-20 03:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-12 09:43 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-12 09:43 - 2015-02-20 03:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-12 09:43 - 2015-02-20 03:46 - 02125824 _____ () C:\WINDOWS\system32\inetcpl.cpl
2015-03-12 09:43 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-12 09:43 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-12 09:43 - 2015-02-20 03:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-12 09:43 - 2015-02-20 03:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-12 09:43 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-12 09:43 - 2015-02-20 03:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-12 09:43 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-12 09:43 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-12 09:43 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-12 09:43 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-12 09:43 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-12 09:43 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-12 09:43 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-12 09:42 - 2015-02-12 19:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-12 09:42 - 2015-02-12 19:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-12 09:42 - 2015-01-29 20:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-12 09:42 - 2015-01-29 20:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-12 09:42 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-12 09:42 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-12 09:41 - 2015-01-21 07:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-12 09:41 - 2015-01-21 07:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-11 01:12 - 2015-03-11 01:12 - 00065024 _____ () C:\Users\vanicda1\Downloads\06b - Dynamické bloky.ppt
2015-03-07 23:56 - 2015-03-07 23:56 - 00000000 ____D () C:\Users\vanicda1\AppData\Roaming\Maxthon3
2015-03-06 16:26 - 2015-03-06 17:53 - 00000000 ____D () C:\Users\vanicda1\Downloads\The Theory of Everything (2014)
2015-03-06 16:24 - 2015-03-06 17:18 - 00000000 ____D () C:\Users\vanicda1\Downloads\The Imitation Game (2014)
2015-03-06 16:23 - 2015-03-06 16:23 - 00000000 ____D () C:\Users\vanicda1\Downloads\American Sniper DVDSCR - BLiTZCRiEG
2015-03-05 23:06 - 2015-03-05 23:06 - 00001176 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player PRO.lnk
2015-03-05 23:06 - 2015-03-05 23:06 - 00001170 _____ () C:\Users\Public\Desktop\BS.Player PRO.lnk
2015-03-05 23:06 - 2015-03-05 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webteh
2015-03-05 23:05 - 2015-03-06 01:09 - 00000000 ____D () C:\Users\vanicda1\AppData\Roaming\BSplayer PRO
2015-03-05 23:05 - 2015-03-05 23:05 - 00000000 ____D () C:\Program Files (x86)\Webteh

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-04 12:00 - 2015-02-23 17:58 - 00000000 ____D () C:\Users\vanicda1\AppData\Local\CrashDumps
2015-04-04 12:00 - 2014-08-14 05:17 - 00000000 __RDO () C:\Users\vanicda1\OneDrive
2015-04-04 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-04 11:58 - 2014-06-19 18:02 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2015-04-04 11:58 - 2014-06-19 17:24 - 01534466 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-04 11:58 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-04 11:55 - 2015-02-26 13:12 - 00000000 ____D () C:\Users\vanicda1\AppData\Local\Adobe
2015-04-04 10:49 - 2014-06-19 18:14 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2015-04-04 10:49 - 2014-06-19 18:14 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2015-04-04 10:49 - 2014-03-18 11:53 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-04 10:42 - 2015-02-13 02:28 - 00000000 ____D () C:\Users\vanicda1
2015-04-04 10:30 - 2014-12-11 11:28 - 00000000 ____D () C:\Users\vanicda1\Desktop\ochrana
2015-04-04 10:30 - 2014-11-12 00:45 - 00000000 ____D () C:\Users\vanicda1\Desktop\ARCHITECTURAL TOOOOLS
2015-04-04 10:17 - 2015-02-13 12:14 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3278468689-3164472910-983495835-1001
2015-04-04 09:28 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-03 20:16 - 2015-02-13 19:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-03 18:59 - 2015-02-12 23:59 - 00000000 ____D () C:\AdwCleaner
2015-04-03 13:10 - 2015-02-13 02:28 - 00000000 ____D () C:\Users\Guest
2015-04-01 22:51 - 2014-09-30 01:56 - 00000000 __SHD () C:\found.000
2015-03-31 21:32 - 2015-02-13 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-31 21:32 - 2015-02-13 12:28 - 00000000 ____D () C:\ProgramData\Avira
2015-03-31 21:16 - 2014-06-19 18:03 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-03-31 20:58 - 2015-02-13 12:18 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-31 20:53 - 2015-02-26 21:41 - 00000000 ____D () C:\Users\vanicda1\AppData\Roaming\uTorrent
2015-03-31 20:53 - 2014-04-03 21:15 - 00000000 ___DC () C:\WINDOWS\Panther
2015-03-30 23:20 - 2014-08-25 16:54 - 00002708 _____ () C:\Users\vanicda1\Documents\plot.log
2015-03-30 22:54 - 2015-02-26 11:37 - 00000000 ____D () C:\Users\vanicda1\AppData\Local\cache
2015-03-30 16:27 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-03-30 10:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-19 17:33 - 2015-03-01 17:09 - 00000000 ____D () C:\Users\vanicda1\AppData\Roaming\NVIDIA
2015-03-18 23:12 - 2014-06-19 18:05 - 00000000 ____D () C:\Program Files\DIFX
2015-03-18 23:11 - 2014-06-19 17:59 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-15 15:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-13 22:12 - 2013-08-22 16:44 - 04997968 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-13 15:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-13 15:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-13 15:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-13 15:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-13 15:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-13 15:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-13 15:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-12 10:55 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-12 10:54 - 2015-02-14 18:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-12 10:50 - 2015-02-14 18:36 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2014-06-19 17:46 - 2014-06-19 17:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-26 11:30 - 2015-02-26 11:30 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\avgnt.exe
C:\Users\vanicda1\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-23 14:47

==================== End Of Log ============================

Re: Chyba bitové kopie, chyba nouzového režimu a spustění sy

Napsal: 04 dub 2015 11:08
od vanicda1
a addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by vanicda1 at 2015-04-04 12:04:17
Running from C:\Users\vanicda1\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3278468689-3164472910-983495835-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe InDesign CS5 (HKLM-x32\...\{F9766AC1-1461-1033-B862-DF8FE1C033BE}) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk 3ds Max 2012 64-bit - English (HKLM\...\Autodesk 3ds Max 2012 64-bit - English) (Version: 14.0 - Autodesk)
Autodesk 3ds Max 2012 64-bit - English (Version: 14.0 - Autodesk) Hidden
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit) (Version: - Autodesk)
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bandizip (HKLM\...\Bandizip) (Version: 5.05 - Bandisoft.com)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.64.1073 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Elevated Installer (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Garmin Express (HKLM-x32\...\{714dc1e5-69a4-4ecd-9552-93397e084298}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo)
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab)
Lenovo Motion Control (x32 Version: 2.5.1.0225 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.2 - Lenovo) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.39.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Lenovo)
Lenovo Settings (x32 Version: 1.0.0.46 - Lenovo) Hidden
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.2 - Lenovo)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.61 - Lenovo)
Lenovo Updates (x32 Version: 1.1.0.61 - Lenovo) Hidden
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.3211 - Lenovo)
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Magic Transfer (x32 Version: 1.1.1.11 - Lenovo) Hidden
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.1.3.5000 - Maxthon International Limited)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1529 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.50 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OpenOffice 4.1.0 (HKLM-x32\...\{43245B34-BAEA-4716-B877-38E7E7026698}) (Version: 4.10.9764 - Apache Software Foundation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Rhinoceros 5.0 (64-bit) (HKLM\...\{BB435434-EDC8-4E54-B32D-28452CACAEC6}) (Version: 5.1.20927.2230 - Robert McNeel & Associates)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3278468689-3164472910-983495835-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-3278468689-3164472910-983495835-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3278468689-3164472910-983495835-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3278468689-3164472910-983495835-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3278468689-3164472910-983495835-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2013\en-US\acadficn.dll (Autodesk, Inc.)

==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1852B748-B7D2-415F-837E-84C5BD82AFE6} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-02-13] (Lenovo)
Task: {1A785B91-28FF-4DBE-914D-4C25F8E49AF0} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {22391902-12A1-41B3-9CFA-6DAAD51DE1E0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {3140CABC-A118-48B6-9819-28A29B2D2824} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {69A74EF6-3220-4235-89F2-E3A820651547} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {7AACA2F9-B6B8-4B56-9973-9226563A4285} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2015-01-28] ()
Task: {A694CB24-8047-408A-938B-836755734019} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-06-19] (Lenovo)
Task: {CAD6FBAA-CC19-4C2F-8BFC-2A39DAC0E074} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {D7CE6F80-DD97-4ABB-A006-39B53EB74F14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {DC635D9E-1964-42AD-820E-61C6BC34DB01} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-vanicda1@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {E0688115-4586-4425-AC4C-085A52F88A20} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {FCE508B6-164B-43D6-B8E5-106316DEDDD2} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: {FE8E6215-BFC2-461A-9ADB-957A66916CBD} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2013-10-14] (Maxthon International ltd.)

==================== Loaded Modules (whitelisted) ==============

2014-06-19 17:37 - 2014-01-24 08:27 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-02-22 22:52 - 2011-02-22 22:52 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
2014-06-19 18:02 - 2014-06-19 18:02 - 00068880 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-06-19 18:02 - 2014-06-19 18:02 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2014-11-25 16:37 - 2014-11-25 16:38 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-06-07 14:11 - 2014-04-16 10:28 - 00080312 _____ () C:\windows\system32\igfxexps.dll
2014-06-19 18:07 - 2014-06-19 18:07 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2014-02-26 01:42 - 2014-02-26 01:42 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2014-06-19 18:07 - 2014-06-19 18:07 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
2013-08-22 13:16 - 2013-08-22 13:16 - 00532480 _____ () C:\WINDOWS\SYSTEM32\DSOUND.dll
2013-08-22 11:37 - 2013-08-22 11:37 - 00217600 _____ () C:\WINDOWS\SYSTEM32\wdmaud.drv
2013-08-22 13:25 - 2013-08-22 13:25 - 00025088 _____ () C:\WINDOWS\SYSTEM32\msacm32.drv
2013-08-22 12:03 - 2013-08-22 14:32 - 00104328 _____ () C:\WINDOWS\SYSTEM32\MSACM32.dll
2013-08-22 13:32 - 2013-08-22 13:32 - 00023552 _____ () C:\WINDOWS\SYSTEM32\midimap.dll
2013-08-22 11:21 - 2013-08-22 14:36 - 00224192 _____ () C:\Windows\System32\Windows.Media.MediaControl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
AlternateDataStreams: C:\Users\vanicda1\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3278468689-3164472910-983495835-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vanicda1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3278468689-3164472910-983495835-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-3278468689-3164472910-983495835-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-3278468689-3164472910-983495835-1003 - Limited - Enabled)
Tomáš Fiedler (S-1-5-21-3278468689-3164472910-983495835-1004 - Administrator - Enabled) => C:\Users\Tomáš Fiedler
vanicda1 (S-1-5-21-3278468689-3164472910-983495835-1001 - Administrator - Enabled) => C:\Users\vanicda1

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/04/2015 00:04:25 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Microsoft Windows Search Indexer.

Program: Microsoft Windows Search Indexer
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 00000000
Typ disku: 0

Error: (04/04/2015 00:04:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchIndexer.exe, verze: 7.0.9600.17031, časové razítko: 0x530863b5
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17668, časové razítko: 0x54c850f5
Kód výjimky: 0xc000012f
Posun chyby: 0x00000000000ec500
ID chybujícího procesu: 0x1104
Čas spuštění chybující aplikace: 0xSearchIndexer.exe0
Cesta k chybující aplikaci: SearchIndexer.exe1
Cesta k chybujícímu modulu: SearchIndexer.exe2
ID zprávy: SearchIndexer.exe3
Úplný název chybujícího balíčku: SearchIndexer.exe4
ID aplikace související s chybujícím balíčkem: SearchIndexer.exe5

Error: (04/04/2015 00:04:25 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Microsoft Windows Search Indexer.

Program: Microsoft Windows Search Indexer
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 00000000
Typ disku: 0

Error: (04/04/2015 00:04:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchIndexer.exe, verze: 7.0.9600.17031, časové razítko: 0x530863b5
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17668, časové razítko: 0x54c850f5
Kód výjimky: 0xc000012f
Posun chyby: 0x00000000000ec500
ID chybujícího procesu: 0xd18
Čas spuštění chybující aplikace: 0xSearchIndexer.exe0
Cesta k chybující aplikaci: SearchIndexer.exe1
Cesta k chybujícímu modulu: SearchIndexer.exe2
ID zprávy: SearchIndexer.exe3
Úplný název chybujícího balíčku: SearchIndexer.exe4
ID aplikace související s chybujícím balíčkem: SearchIndexer.exe5

Error: (04/04/2015 00:04:18 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Microsoft Windows Search Indexer.

Program: Microsoft Windows Search Indexer
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 00000000
Typ disku: 0

Error: (04/04/2015 00:04:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchIndexer.exe, verze: 7.0.9600.17031, časové razítko: 0x530863b5
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17668, časové razítko: 0x54c850f5
Kód výjimky: 0xc000012f
Posun chyby: 0x00000000000ec500
ID chybujícího procesu: 0xa60
Čas spuštění chybující aplikace: 0xSearchIndexer.exe0
Cesta k chybující aplikaci: SearchIndexer.exe1
Cesta k chybujícímu modulu: SearchIndexer.exe2
ID zprávy: SearchIndexer.exe3
Úplný název chybujícího balíčku: SearchIndexer.exe4
ID aplikace související s chybujícím balíčkem: SearchIndexer.exe5

Error: (04/04/2015 00:04:18 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Microsoft Windows Search Indexer.

Program: Microsoft Windows Search Indexer
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 00000000
Typ disku: 0

Error: (04/04/2015 00:04:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchIndexer.exe, verze: 7.0.9600.17031, časové razítko: 0x530863b5
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17668, časové razítko: 0x54c850f5
Kód výjimky: 0xc000012f
Posun chyby: 0x00000000000ec500
ID chybujícího procesu: 0x1148
Čas spuštění chybující aplikace: 0xSearchIndexer.exe0
Cesta k chybující aplikaci: SearchIndexer.exe1
Cesta k chybujícímu modulu: SearchIndexer.exe2
ID zprávy: SearchIndexer.exe3
Úplný název chybujícího balíčku: SearchIndexer.exe4
ID aplikace související s chybujícím balíčkem: SearchIndexer.exe5

Error: (04/04/2015 00:04:18 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Microsoft Windows Search Indexer.

Program: Microsoft Windows Search Indexer
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 00000000
Typ disku: 0

Error: (04/04/2015 00:04:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchIndexer.exe, verze: 7.0.9600.17031, časové razítko: 0x530863b5
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17668, časové razítko: 0x54c850f5
Kód výjimky: 0xc000012f
Posun chyby: 0x00000000000ec500
ID chybujícího procesu: 0x7b0
Čas spuštění chybující aplikace: 0xSearchIndexer.exe0
Cesta k chybující aplikaci: SearchIndexer.exe1
Cesta k chybujícímu modulu: SearchIndexer.exe2
ID zprávy: SearchIndexer.exe3
Úplný název chybujícího balíčku: SearchIndexer.exe4
ID aplikace související s chybujícím balíčkem: SearchIndexer.exe5


System errors:
=============
Error: (04/04/2015 00:04:25 PM) (Source: DCOM) (EventID: 10005) (User: DADYNA)
Description: 1053WSearchNení k dispozici{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (04/04/2015 00:04:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (04/04/2015 00:04:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).

Error: (04/04/2015 00:04:25 PM) (Source: DCOM) (EventID: 10005) (User: DADYNA)
Description: 1053WSearchNení k dispozici{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (04/04/2015 00:04:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (04/04/2015 00:04:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).

Error: (04/04/2015 00:04:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee Anti-Spam Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (04/04/2015 00:04:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee Proxy Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (04/04/2015 00:04:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee Platform Services byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (04/04/2015 00:04:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee VirusScan Announcer byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


Microsoft Office Sessions:
=========================
Error: (04/04/2015 00:04:25 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Microsoft Windows Search Indexer000000000

Error: (04/04/2015 00:04:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SearchIndexer.exe7.0.9600.17031530863b5ntdll.dll6.3.9600.1766854c850f5c000012f00000000000ec500110401d06ebebad58686C:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\SYSTEM32\ntdll.dllf88474aa-dab1-11e4-8277-18cf5e9ba24c

Error: (04/04/2015 00:04:25 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Microsoft Windows Search Indexer000000000

Error: (04/04/2015 00:04:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SearchIndexer.exe7.0.9600.17031530863b5ntdll.dll6.3.9600.1766854c850f5c000012f00000000000ec500d1801d06ebebac99b5cC:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\SYSTEM32\ntdll.dllf87888df-dab1-11e4-8277-18cf5e9ba24c

Error: (04/04/2015 00:04:18 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Microsoft Windows Search Indexer000000000

Error: (04/04/2015 00:04:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SearchIndexer.exe7.0.9600.17031530863b5ntdll.dll6.3.9600.1766854c850f5c000012f00000000000ec500a6001d06ebeb7230f6aC:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\SYSTEM32\ntdll.dllf4cf9b45-dab1-11e4-8277-18cf5e9ba24c

Error: (04/04/2015 00:04:18 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Microsoft Windows Search Indexer000000000

Error: (04/04/2015 00:04:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SearchIndexer.exe7.0.9600.17031530863b5ntdll.dll6.3.9600.1766854c850f5c000012f00000000000ec500114801d06ebeb717244cC:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\SYSTEM32\ntdll.dllf4c3af7e-dab1-11e4-8277-18cf5e9ba24c

Error: (04/04/2015 00:04:18 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Microsoft Windows Search Indexer000000000

Error: (04/04/2015 00:04:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SearchIndexer.exe7.0.9600.17031530863b5ntdll.dll6.3.9600.1766854c850f5c000012f00000000000ec5007b001d06ebeb6d90745C:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\SYSTEM32\ntdll.dllf487f57d-dab1-11e4-8277-18cf5e9ba24c


CodeIntegrity Errors:
===================================
Date: 2015-04-04 11:59:19.551
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-04-04 10:42:06.022
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-04-04 09:46:52.284
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 11%
Total physical RAM: 16296.27 MB
Available physical RAM: 14367.28 MB
Total Pagefile: 32680.27 MB
Available Pagefile: 30258.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:547.58 GB) (Free:395.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.08 GB) NTFS
Drive s: (ŠKOLA) (Fixed) (Total:342.23 GB) (Free:250.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 48B2A9F4)

Partition: GPT Partition Type.

==================== End Of Log ============================
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz