
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Preventive check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
I would kindly like to ask for a preventive check.
Thank you!
Logfile of random's system information tool 1.10 (written by random/random)
Run by Ondřej at 2015-08-26 20:29:29
Microsoft Windows 8.1
System drive C: has 757 GB (83%) free of 911 GB
Total RAM: 8106 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:29:36, on 26. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Ondřej\AppData\Local\Pokki\Engine\HostAppService.exe
C:\Users\Ondřej\AppData\Local\Pokki\Engine\HostAppService.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Ondřej\AppData\Roaming\LSC\Local Store\LSCSetup64.exe
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe
C:\Program Files\trend micro\Ondřej.exe
C:\Windows\SysWOW64\cmd.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yhs4.search.yahoo.com/yhs/web ... dows%2B8.1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_CF032939DE38A08C6532325B24209B28] "C:\Users\Ondřej\AppData\Local\Chromium\Application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Vystřihnout záložku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GDCAgent - Unknown owner - C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel Bluetooth Service (ibtsiva.exe) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo OKO Service - Lenovo(beijing) Limited - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo PAWD Service (LenovoPAWDService) - Unknown owner - C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe
O23 - Service: lupdate (LenovoUpdate) - Unknown owner - C:\windows\System32\LenovoUpdate.exe (file missing)
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: OKOControlSvc - Lenovo(beijing) Limited - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 16744 bytes
======Listing Processes======
wininit.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\windows\system32\CxAudMsg64.exe
dashost.exe {bb915d32-18a0-4e6a-82095d1d00320b0b}
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
System32\LenovoUpdate.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ee9c506d-c086-4fbd-9918-257a3ff8f38b -SystemEventPortName:HostProcess-f9a3e72b-b32c-4795-a69b-919ffcd0d53b -IoCancelEventPortName:HostProcess-ca84ba9d-6c23-47c2-9207-dded0dbfe29b -NonStateChangingEventPortName:HostProcess-f04fd6e9-e706-4e5e-a062-81b6a951a793 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c6812994-540f-466c-bfd7-f4e4545c3e68 -DeviceGroupId:WudfDefaultDevicePool
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-699c2732-4d1b-4c97-a593-88738c9261ff -SystemEventPortName:HostProcess-b770aeed-5da9-4002-98cf-7be32ef80448 -IoCancelEventPortName:HostProcess-75b498aa-e7f7-4cd6-ae6e-51431b9fcc24 -NonStateChangingEventPortName:HostProcess-660a982f-a21a-4325-9e22-33ae4d7a65e0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:24aca393-20b5-4301-a05d-2a42952a37f2 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-175ffadc-16f6-4386-9926-0875fe2427a7 -SystemEventPortName:HostProcess-dcc18aef-465d-46c7-bf0a-14ac72b161d6 -IoCancelEventPortName:HostProcess-1d08960c-ea83-4564-9575-c122c970ac1a -NonStateChangingEventPortName:HostProcess-282f3a3f-b953-4861-b6e8-1c705cc8a271 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a1aabff9-d442-4f90-9f1c-70ca0142976d -DeviceGroupId:
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
adb fork-server server
"C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x8c4_0xfc0_0x5abaa1fb"
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\WLANExt.exe 617116394960
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files (x86)\Stardock\Start8\Start8_64.exe" START
atieclxx
C:\windows\Explorer.EXE
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
igfxEM.exe
C:\Users\Ondřej\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe /LOGON
igfxHK.exe
igfxTray.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\windows\system32\GWX\GWX.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo\LenovoUtility\utility.exe"
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe" /run
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Users\Ondřej\AppData\Local\Pokki\Engine\HostAppService.exe"
"C:\Users\Ondřej\AppData\Local\Pokki\Engine\HostAppService.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/17/OneClickSignIn/Standard/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingLearningEnabled/Test0PercentDefault/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --noerrdialogs --disable-client-side-phishing-detection --disable-bundled-ppapi-flash --channel="9904.1.570264517\1018164131" /prefetch:3
"C:\Users\Ondřej\AppData\Local\Pokki\Engine\StartMenuIndexer.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe" /hide
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ea10964c-504f-40ae-a8b6-309870f804a2 -SystemEventPortName:HostProcess-484dadd7-34b3-4709-96ca-10e6d2d0bf41 -IoCancelEventPortName:HostProcess-0bbc7965-5bc3-4807-9054-a0b3fcf904a1 -NonStateChangingEventPortName:HostProcess-a945e296-5b94-4295-a660-cad06b23050d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d0e81f5d-6195-46cc-af65-c2a90946f6ae -DeviceGroupId:WpdFsGroup
"C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskhost.exe
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Ondřej\AppData\Local\Steam\htmlcache" -steampid 4492 -buildid 1440016726 -steamid "0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe"
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k rpcss
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
taskeng.exe {37AAEC26-4D95-47ED-8407-8059AF74E1A4}
C:\windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe"
C:\windows\system32\vssvc.exe
C:\windows\System32\svchost.exe -k swprv
"C:\Users\Ondřej\AppData\Roaming\LSC\Local Store\LSCSetup64.exe"
MSIEXEC.EXE /i "C:\windows\Downloaded Installations\{21998ADD-E4CA-4E26-BEE0-D20D5146B823}\Lenovo Solution Center.msi" /L*v "C:\Users\ONDEJ~1\AppData\Local\Temp\LSCInstall.log" TRANSFORMS="C:\windows\Downloaded Installations\{21998ADD-E4CA-4E26-BEE0-D20D5146B823}\1033.MST" SETUPEXEDIR="C:\Users\Ondřej\AppData\Roaming\LSC\Local Store" SETUPEXENAME="LSCSetup64.exe"
C:\Windows\syswow64\MsiExec.exe -Embedding 51AA0EC01CDDDE246E91CF5132C1A5A7 C
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe401_ Global\UsGthrCtrlFltPipeMssGthrPipe401 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:8
\??\C:\windows\system32\conhost.exe 0x4
"C:\windows\system32\SearchFilterHost.exe" 0 940 944 952 65536 948
C:\Windows\syswow64\MsiExec.exe -Embedding 762486E929D0DCD95E889F2FF2FD309A
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
consent.exe 604 328 00000008661FDB30
"C:\Users\Ondřej\Desktop\RSITx64.exe"
"C:\Windows\System32\cmd.exe" /c "C:\Program Files\Lenovo\Lenovo Solution Center\App\ThinkStationSIOMonitor.exe" -stop
\??\C:\windows\system32\conhost.exe 0x4
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.CZE
nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-01 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-10-09 36352]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-20 919768]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-10-21 2809072]
"RtsFT"=C:\windows\RTFTrack.exe [2014-10-22 4060376]
"LenovoUtility"=C:\Program Files\Lenovo\LenovoUtility\utility.exe [2015-03-25 791368]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2015-03-25 802800]
"OneKeyOptimizer"=C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [2015-07-20 605992]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-01-28 5595848]
"COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-05 1427648]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30 500936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_CF032939DE38A08C6532325B24209B28"=C:\Users\Ondřej\AppData\Local\Chromium\Application\chrome.exe [2015-07-20 663552]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-08-19 2899136]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-29 53282944]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-08-26 22344224]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
"AdobeCEPServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [2013-05-16 1039240]
""= []
C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"Max Cached Icons"=2000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-26 20:29:29 ----D---- C:\rsit
2015-08-26 20:29:29 ----D---- C:\Program Files\trend micro
2015-08-26 20:19:28 ----HD---- C:\VTRoot
2015-08-26 20:19:23 ----A---- C:\windows\system32\drivers\fvstore.dat
2015-08-26 20:03:33 ----SHD---- C:\Config.Msi
2015-08-02 18:28:30 ----A---- C:\windows\SYSWOW64\ssubtmr6.dll
2015-08-01 00:23:54 ----D---- C:\Games
2015-07-31 21:30:38 ----D---- C:\EarMaster Pro 6
2015-07-31 21:30:37 ----D---- C:\Users\Ondřej\AppData\Roaming\WinRAR
2015-07-31 21:30:17 ----D---- C:\Program Files\WinRAR
2015-07-29 13:38:44 ----HD---- C:\$Windows.~BT
2015-07-27 23:27:17 ----D---- C:\BIOS
2015-07-27 22:39:45 ----D---- C:\Users\Ondřej\AppData\Roaming\dekovir
2015-07-27 22:13:54 ----D---- C:\drivers
======List of files/folders modified in the last 1 month======
2015-08-26 20:29:38 ----SHD---- C:\windows\Installer
2015-08-26 20:29:29 ----RD---- C:\Program Files
2015-08-26 20:29:14 ----D---- C:\windows\Temp
2015-08-26 20:29:12 ----D---- C:\windows\Prefetch
2015-08-26 20:28:20 ----SHD---- C:\System Volume Information
2015-08-26 20:27:15 ----D---- C:\windows\Downloaded Installations
2015-08-26 20:26:52 ----HD---- C:\ProgramData
2015-08-26 20:24:35 ----A---- C:\windows\SYSWOW64\taskSchedularLog.txt
2015-08-26 20:19:23 ----D---- C:\windows\system32\drivers
2015-08-26 20:18:29 ----D---- C:\windows\system32\Tasks
2015-08-26 20:18:15 ----RAD---- C:\windows\System32
2015-08-26 20:18:15 ----D---- C:\windows\SysWOW64
2015-08-26 20:17:58 ----D---- C:\Program Files (x86)\Steam
2015-08-26 20:03:07 ----D---- C:\Program Files (x86)\Opera
2015-08-26 20:00:01 ----D---- C:\windows\system32\sru
2015-08-26 19:59:08 ----D---- C:\windows\system32\config
2015-08-26 19:57:57 ----D---- C:\windows\Inf
2015-08-26 19:57:57 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-08-26 19:56:55 ----D---- C:\windows\WinSxS
2015-08-26 19:56:18 ----D---- C:\windows\CbsTemp
2015-08-06 22:18:32 ----D---- C:\windows\system32\drivers\etc
2015-08-06 21:39:20 ----D---- C:\windows\Microsoft.NET
2015-08-05 23:08:26 ----D---- C:\Users\Ondřej\AppData\Roaming\vlc
2015-08-05 02:29:56 ----A---- C:\windows\system32\cmdcsr.dll
2015-08-05 02:29:50 ----A---- C:\windows\SYSWOW64\guard32.dll
2015-08-05 02:29:47 ----A---- C:\windows\system32\guard64.dll
2015-08-05 02:28:50 ----A---- C:\windows\system32\cmdvrt64.dll
2015-08-05 02:28:20 ----A---- C:\windows\system32\cmdkbd64.dll
2015-08-05 02:27:20 ----A---- C:\windows\SYSWOW64\cmdvrt32.dll
2015-08-05 02:26:53 ----A---- C:\windows\SYSWOW64\cmdkbd32.dll
2015-08-04 09:39:00 ----D---- C:\ProgramData\Lenovo
2015-08-02 22:34:32 ----D---- C:\Users\Ondřej\AppData\Roaming\uTorrent
2015-08-02 21:16:12 ----RD---- C:\Program Files (x86)
2015-08-02 17:46:29 ----D---- C:\windows\system32\NDF
2015-07-29 13:44:17 ----D---- C:\windows\Panther
2015-07-29 13:39:33 ----HD---- C:\Program Files\WindowsApps
2015-07-29 13:39:33 ----D---- C:\windows\AppReadiness
2015-07-29 13:38:44 ----D---- C:\windows\Logs
2015-07-29 00:20:00 ----D---- C:\ProgramData\Microsoft
2015-07-28 21:15:51 ----D---- C:\windows\system32\DriverStore
2015-07-28 18:51:10 ----D---- C:\windows\system32\catroot2
2015-07-28 01:12:09 ----D---- C:\windows\rescache
2015-07-28 01:05:30 ----D---- C:\Program Files\Windows Media Player
2015-07-28 01:05:30 ----D---- C:\Program Files\Windows Mail
2015-07-28 01:05:30 ----D---- C:\Program Files\Windows Journal
2015-07-28 01:05:30 ----D---- C:\Program Files\Internet Explorer
2015-07-28 01:05:28 ----D---- C:\windows\WinStore
2015-07-28 01:05:28 ----D---- C:\windows\SYSWOW64\slmgr
2015-07-28 01:05:28 ----D---- C:\windows\SYSWOW64\sk-SK
2015-07-28 01:05:28 ----D---- C:\windows\SYSWOW64\oobe
2015-07-28 01:05:28 ----D---- C:\windows\servicing
2015-07-28 01:05:28 ----D---- C:\Program Files\Windows Photo Viewer
2015-07-28 01:05:28 ----D---- C:\Program Files\Windows Defender
2015-07-28 01:05:28 ----D---- C:\Program Files\Common Files\System
2015-07-28 01:05:28 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2015-07-28 01:05:28 ----D---- C:\Program Files (x86)\Windows Media Player
2015-07-28 01:05:28 ----D---- C:\Program Files (x86)\Windows Mail
2015-07-28 01:05:28 ----D---- C:\Program Files (x86)\Windows Defender
2015-07-28 01:05:28 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-28 01:05:26 ----RD---- C:\windows\ImmersiveControlPanel
2015-07-28 01:05:26 ----D---- C:\windows\SYSWOW64\WCN
2015-07-28 01:05:26 ----D---- C:\windows\SYSWOW64\wbem
2015-07-28 01:05:26 ----D---- C:\windows\SYSWOW64\drivers
2015-07-28 01:05:26 ----D---- C:\windows\system32\Sysprep
2015-07-28 01:05:26 ----D---- C:\windows\system32\slmgr
2015-07-28 01:05:26 ----D---- C:\windows\system32\sk-SK
2015-07-28 01:05:26 ----D---- C:\windows\system32\migwiz
2015-07-28 01:05:26 ----D---- C:\windows\PolicyDefinitions
2015-07-28 01:05:26 ----AD---- C:\windows\system32\oobe
2015-07-28 01:05:26 ----AD---- C:\Windows
2015-07-28 01:05:24 ----D---- C:\windows\system32\WCN
2015-07-28 01:05:24 ----D---- C:\windows\system32\wbem
2015-07-28 01:05:23 ----D---- C:\windows\system32\SystemResetPlatform
2015-07-28 01:05:23 ----AD---- C:\windows\Help
2015-07-28 00:58:16 ----D---- C:\windows\debug
2015-07-27 23:50:47 ----SD---- C:\Users\Ondřej\AppData\Roaming\Microsoft
2015-07-27 23:09:05 ----D---- C:\windows\Tasks
2015-07-27 22:37:25 ----D---- C:\ProgramData\Package Cache
2015-07-27 22:08:44 ----RSD---- C:\windows\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdkmpfd;@oem6.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\windows\System32\drivers\amdkmpfd.sys [2014-10-28 62152]
R0 edevmon;edevmon; C:\windows\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 Fastboot;Fastboot; C:\windows\System32\DRIVERS\Fastboot.sys [2015-07-20 70168]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2014-10-09 1398936]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\windows\System32\DRIVERS\cmderd.sys [2015-08-05 21720]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\system32\DRIVERS\cmdguard.sys [2015-08-05 827632]
R1 cmdhlp;COMODO Internet Security Helper Driver; C:\windows\system32\DRIVERS\cmdhlp.sys [2015-08-05 35056]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 inspect;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2015-08-05 127232]
R1 SCDEmu;SCDEmu; C:\windows\system32\drivers\SCDEmu.sys [2015-06-08 127760]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2015-03-10 159480]
R3 ACPIVPC;@oem40.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2015-03-25 35064]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2014-12-17 18977280]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2014-12-17 591872]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 CnxtHdAudService;@oem11.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-11-12 1535168]
R3 ibtusb;@oem14.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\windows\system32\DRIVERS\ibtusb.sys [2014-08-14 219592]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2015-07-20 4888368]
R3 iwdbus;@oem5.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2015-07-20 30512]
R3 KMDFVirtualKbd;@oem43.inf,%KMDFVirtualKbd.SVCDESC%;Lenovo Virtual Keyboard Device; C:\windows\System32\drivers\KMDFVirtualKbd.sys [2014-08-05 22264]
R3 KMDFVirtualMouse;@oem44.inf,%KMDFVirtualMouse.SVCDESC%;Lenovo Virtual Mouse Device; C:\windows\System32\drivers\KMDFVirtualMouse.sys [2014-08-05 21240]
R3 MEIx64;@oem51.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2014-09-30 129312]
R3 NETwNb64;@oem53.inf,%NIC_Service_DispName_WINB_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 8.1 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2014-12-08 3494680]
R3 RSUSBVSTOR;@oem18.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2014-03-27 331992]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2014-05-29 873176]
R3 rtsuvc;@oem24.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-10-22 2584280]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-10-21 31472]
R3 SynTP;@oem13.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2014-10-21 549104]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-07-20 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2015-07-20 42288]
S3 IntcDAud;@oem2.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-12-19 455440]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-07-20 167424]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2014-12-17 246272]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-08-05 5542472]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2014-10-20 207576]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2015-01-28 1349576]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2015-07-20 638368]
R2 FastbootService;FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [2015-07-20 191000]
R2 GDCAgent;GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [2015-06-01 1122744]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-10-09 18584]
R2 ibtsiva.exe;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2014-08-14 121288]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2015-07-20 345864]
R2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-09-03 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-09-03 154584]
R2 Lenovo OKO Service;Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2015-07-20 2742568]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-10-13 2005320]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 LenovoPAWDService;Lenovo PAWD Service; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [2015-03-25 133440]
R2 LenovoSetSvr;LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [2014-06-19 258544]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-08-26 218952]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-09-03 405976]
R2 OKOControlSvc;OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [2015-07-20 359208]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2015-03-25 321520]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2015-07-20 157088]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 Start8;Stardock Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2014-06-12 143288]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2014-10-21 190704]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2015-03-25 68880]
R3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-08-05 2265792]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R3 LenovoUpdate;lupdate; C:\windows\System32\LenovoUpdate.exe [2015-07-20 26608]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-20 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-26 269000]
S3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-08-06 599024]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2015-07-20 280840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-20 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09 174368]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2014-08-06 525296]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2014-08-06 535024]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-08-06 727536]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-03-09 272440]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-01 148136]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2015-07-20 268192]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-20 178824]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2015-03-25 338416]
-----------------EOF-----------------
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo OKO Service - Lenovo(beijing) Limited - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo PAWD Service (LenovoPAWDService) - Unknown owner - C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe
O23 - Service: lupdate (LenovoUpdate) - Unknown owner - C:\windows\System32\LenovoUpdate.exe (file missing)
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: OKOControlSvc - Lenovo(beijing) Limited - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 16744 bytes
======Listing Processes======
wininit.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\windows\system32\CxAudMsg64.exe
dashost.exe {bb915d32-18a0-4e6a-82095d1d00320b0b}
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
System32\LenovoUpdate.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ee9c506d-c086-4fbd-9918-257a3ff8f38b -SystemEventPortName:HostProcess-f9a3e72b-b32c-4795-a69b-919ffcd0d53b -IoCancelEventPortName:HostProcess-ca84ba9d-6c23-47c2-9207-dded0dbfe29b -NonStateChangingEventPortName:HostProcess-f04fd6e9-e706-4e5e-a062-81b6a951a793 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c6812994-540f-466c-bfd7-f4e4545c3e68 -DeviceGroupId:WudfDefaultDevicePool
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-699c2732-4d1b-4c97-a593-88738c9261ff -SystemEventPortName:HostProcess-b770aeed-5da9-4002-98cf-7be32ef80448 -IoCancelEventPortName:HostProcess-75b498aa-e7f7-4cd6-ae6e-51431b9fcc24 -NonStateChangingEventPortName:HostProcess-660a982f-a21a-4325-9e22-33ae4d7a65e0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:24aca393-20b5-4301-a05d-2a42952a37f2 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-175ffadc-16f6-4386-9926-0875fe2427a7 -SystemEventPortName:HostProcess-dcc18aef-465d-46c7-bf0a-14ac72b161d6 -IoCancelEventPortName:HostProcess-1d08960c-ea83-4564-9575-c122c970ac1a -NonStateChangingEventPortName:HostProcess-282f3a3f-b953-4861-b6e8-1c705cc8a271 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a1aabff9-d442-4f90-9f1c-70ca0142976d -DeviceGroupId:
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
adb fork-server server
"C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x8c4_0xfc0_0x5abaa1fb"
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\WLANExt.exe 617116394960
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files (x86)\Stardock\Start8\Start8_64.exe" START
atieclxx
C:\windows\Explorer.EXE
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
igfxEM.exe
C:\Users\Ondřej\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe /LOGON
igfxHK.exe
igfxTray.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\windows\system32\GWX\GWX.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo\LenovoUtility\utility.exe"
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe" /run
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Users\Ondřej\AppData\Local\Pokki\Engine\HostAppService.exe"
"C:\Users\Ondřej\AppData\Local\Pokki\Engine\HostAppService.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/17/OneClickSignIn/Standard/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingLearningEnabled/Test0PercentDefault/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --noerrdialogs --disable-client-side-phishing-detection --disable-bundled-ppapi-flash --channel="9904.1.570264517\1018164131" /prefetch:3
"C:\Users\Ondřej\AppData\Local\Pokki\Engine\StartMenuIndexer.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe" /hide
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ea10964c-504f-40ae-a8b6-309870f804a2 -SystemEventPortName:HostProcess-484dadd7-34b3-4709-96ca-10e6d2d0bf41 -IoCancelEventPortName:HostProcess-0bbc7965-5bc3-4807-9054-a0b3fcf904a1 -NonStateChangingEventPortName:HostProcess-a945e296-5b94-4295-a660-cad06b23050d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d0e81f5d-6195-46cc-af65-c2a90946f6ae -DeviceGroupId:WpdFsGroup
"C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskhost.exe
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Ondřej\AppData\Local\Steam\htmlcache" -steampid 4492 -buildid 1440016726 -steamid "0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe"
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k rpcss
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
taskeng.exe {37AAEC26-4D95-47ED-8407-8059AF74E1A4}
C:\windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe"
C:\windows\system32\vssvc.exe
C:\windows\System32\svchost.exe -k swprv
"C:\Users\Ondřej\AppData\Roaming\LSC\Local Store\LSCSetup64.exe"
MSIEXEC.EXE /i "C:\windows\Downloaded Installations\{21998ADD-E4CA-4E26-BEE0-D20D5146B823}\Lenovo Solution Center.msi" /L*v "C:\Users\ONDEJ~1\AppData\Local\Temp\LSCInstall.log" TRANSFORMS="C:\windows\Downloaded Installations\{21998ADD-E4CA-4E26-BEE0-D20D5146B823}\1033.MST" SETUPEXEDIR="C:\Users\Ondřej\AppData\Roaming\LSC\Local Store" SETUPEXENAME="LSCSetup64.exe"
C:\Windows\syswow64\MsiExec.exe -Embedding 51AA0EC01CDDDE246E91CF5132C1A5A7 C
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe401_ Global\UsGthrCtrlFltPipeMssGthrPipe401 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:8
\??\C:\windows\system32\conhost.exe 0x4
"C:\windows\system32\SearchFilterHost.exe" 0 940 944 952 65536 948
C:\Windows\syswow64\MsiExec.exe -Embedding 762486E929D0DCD95E889F2FF2FD309A
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
consent.exe 604 328 00000008661FDB30
"C:\Users\Ondřej\Desktop\RSITx64.exe"
"C:\Windows\System32\cmd.exe" /c "C:\Program Files\Lenovo\Lenovo Solution Center\App\ThinkStationSIOMonitor.exe" -stop
\??\C:\windows\system32\conhost.exe 0x4
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.CZE
nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-01 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-10-09 36352]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-20 919768]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-10-21 2809072]
"RtsFT"=C:\windows\RTFTrack.exe [2014-10-22 4060376]
"LenovoUtility"=C:\Program Files\Lenovo\LenovoUtility\utility.exe [2015-03-25 791368]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2015-03-25 802800]
"OneKeyOptimizer"=C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [2015-07-20 605992]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-01-28 5595848]
"COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-05 1427648]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30 500936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_CF032939DE38A08C6532325B24209B28"=C:\Users\Ondřej\AppData\Local\Chromium\Application\chrome.exe [2015-07-20 663552]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-08-19 2899136]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-29 53282944]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-08-26 22344224]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
"AdobeCEPServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [2013-05-16 1039240]
""= []
C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"Max Cached Icons"=2000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-26 20:29:29 ----D---- C:\rsit
2015-08-26 20:29:29 ----D---- C:\Program Files\trend micro
2015-08-26 20:19:28 ----HD---- C:\VTRoot
2015-08-26 20:19:23 ----A---- C:\windows\system32\drivers\fvstore.dat
2015-08-26 20:03:33 ----SHD---- C:\Config.Msi
2015-08-02 18:28:30 ----A---- C:\windows\SYSWOW64\ssubtmr6.dll
2015-08-01 00:23:54 ----D---- C:\Games
2015-07-31 21:30:38 ----D---- C:\EarMaster Pro 6
2015-07-31 21:30:37 ----D---- C:\Users\Ondřej\AppData\Roaming\WinRAR
2015-07-31 21:30:17 ----D---- C:\Program Files\WinRAR
2015-07-29 13:38:44 ----HD---- C:\$Windows.~BT
2015-07-27 23:27:17 ----D---- C:\BIOS
2015-07-27 22:39:45 ----D---- C:\Users\Ondřej\AppData\Roaming\dekovir
2015-07-27 22:13:54 ----D---- C:\drivers
======List of files/folders modified in the last 1 month======
2015-08-26 20:29:38 ----SHD---- C:\windows\Installer
2015-08-26 20:29:29 ----RD---- C:\Program Files
2015-08-26 20:29:14 ----D---- C:\windows\Temp
2015-08-26 20:29:12 ----D---- C:\windows\Prefetch
2015-08-26 20:28:20 ----SHD---- C:\System Volume Information
2015-08-26 20:27:15 ----D---- C:\windows\Downloaded Installations
2015-08-26 20:26:52 ----HD---- C:\ProgramData
2015-08-26 20:24:35 ----A---- C:\windows\SYSWOW64\taskSchedularLog.txt
2015-08-26 20:19:23 ----D---- C:\windows\system32\drivers
2015-08-26 20:18:29 ----D---- C:\windows\system32\Tasks
2015-08-26 20:18:15 ----RAD---- C:\windows\System32
2015-08-26 20:18:15 ----D---- C:\windows\SysWOW64
2015-08-26 20:17:58 ----D---- C:\Program Files (x86)\Steam
2015-08-26 20:03:07 ----D---- C:\Program Files (x86)\Opera
2015-08-26 20:00:01 ----D---- C:\windows\system32\sru
2015-08-26 19:59:08 ----D---- C:\windows\system32\config
2015-08-26 19:57:57 ----D---- C:\windows\Inf
2015-08-26 19:57:57 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-08-26 19:56:55 ----D---- C:\windows\WinSxS
2015-08-26 19:56:18 ----D---- C:\windows\CbsTemp
2015-08-06 22:18:32 ----D---- C:\windows\system32\drivers\etc
2015-08-06 21:39:20 ----D---- C:\windows\Microsoft.NET
2015-08-05 23:08:26 ----D---- C:\Users\Ondřej\AppData\Roaming\vlc
2015-08-05 02:29:56 ----A---- C:\windows\system32\cmdcsr.dll
2015-08-05 02:29:50 ----A---- C:\windows\SYSWOW64\guard32.dll
2015-08-05 02:29:47 ----A---- C:\windows\system32\guard64.dll
2015-08-05 02:28:50 ----A---- C:\windows\system32\cmdvrt64.dll
2015-08-05 02:28:20 ----A---- C:\windows\system32\cmdkbd64.dll
2015-08-05 02:27:20 ----A---- C:\windows\SYSWOW64\cmdvrt32.dll
2015-08-05 02:26:53 ----A---- C:\windows\SYSWOW64\cmdkbd32.dll
2015-08-04 09:39:00 ----D---- C:\ProgramData\Lenovo
2015-08-02 22:34:32 ----D---- C:\Users\Ondřej\AppData\Roaming\uTorrent
2015-08-02 21:16:12 ----RD---- C:\Program Files (x86)
2015-08-02 17:46:29 ----D---- C:\windows\system32\NDF
2015-07-29 13:44:17 ----D---- C:\windows\Panther
2015-07-29 13:39:33 ----HD---- C:\Program Files\WindowsApps
2015-07-29 13:39:33 ----D---- C:\windows\AppReadiness
2015-07-29 13:38:44 ----D---- C:\windows\Logs
2015-07-29 00:20:00 ----D---- C:\ProgramData\Microsoft
2015-07-28 21:15:51 ----D---- C:\windows\system32\DriverStore
2015-07-28 18:51:10 ----D---- C:\windows\system32\catroot2
2015-07-28 01:12:09 ----D---- C:\windows\rescache
2015-07-28 01:05:30 ----D---- C:\Program Files\Windows Media Player
2015-07-28 01:05:30 ----D---- C:\Program Files\Windows Mail
2015-07-28 01:05:30 ----D---- C:\Program Files\Windows Journal
2015-07-28 01:05:30 ----D---- C:\Program Files\Internet Explorer
2015-07-28 01:05:28 ----D---- C:\windows\WinStore
2015-07-28 01:05:28 ----D---- C:\windows\SYSWOW64\slmgr
2015-07-28 01:05:28 ----D---- C:\windows\SYSWOW64\sk-SK
2015-07-28 01:05:28 ----D---- C:\windows\SYSWOW64\oobe
2015-07-28 01:05:28 ----D---- C:\windows\servicing
2015-07-28 01:05:28 ----D---- C:\Program Files\Windows Photo Viewer
2015-07-28 01:05:28 ----D---- C:\Program Files\Windows Defender
2015-07-28 01:05:28 ----D---- C:\Program Files\Common Files\System
2015-07-28 01:05:28 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2015-07-28 01:05:28 ----D---- C:\Program Files (x86)\Windows Media Player
2015-07-28 01:05:28 ----D---- C:\Program Files (x86)\Windows Mail
2015-07-28 01:05:28 ----D---- C:\Program Files (x86)\Windows Defender
2015-07-28 01:05:28 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-28 01:05:26 ----RD---- C:\windows\ImmersiveControlPanel
2015-07-28 01:05:26 ----D---- C:\windows\SYSWOW64\WCN
2015-07-28 01:05:26 ----D---- C:\windows\SYSWOW64\wbem
2015-07-28 01:05:26 ----D---- C:\windows\SYSWOW64\drivers
2015-07-28 01:05:26 ----D---- C:\windows\system32\Sysprep
2015-07-28 01:05:26 ----D---- C:\windows\system32\slmgr
2015-07-28 01:05:26 ----D---- C:\windows\system32\sk-SK
2015-07-28 01:05:26 ----D---- C:\windows\system32\migwiz
2015-07-28 01:05:26 ----D---- C:\windows\PolicyDefinitions
2015-07-28 01:05:26 ----AD---- C:\windows\system32\oobe
2015-07-28 01:05:26 ----AD---- C:\Windows
2015-07-28 01:05:24 ----D---- C:\windows\system32\WCN
2015-07-28 01:05:24 ----D---- C:\windows\system32\wbem
2015-07-28 01:05:23 ----D---- C:\windows\system32\SystemResetPlatform
2015-07-28 01:05:23 ----AD---- C:\windows\Help
2015-07-28 00:58:16 ----D---- C:\windows\debug
2015-07-27 23:50:47 ----SD---- C:\Users\Ondřej\AppData\Roaming\Microsoft
2015-07-27 23:09:05 ----D---- C:\windows\Tasks
2015-07-27 22:37:25 ----D---- C:\ProgramData\Package Cache
2015-07-27 22:08:44 ----RSD---- C:\windows\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdkmpfd;@oem6.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\windows\System32\drivers\amdkmpfd.sys [2014-10-28 62152]
R0 edevmon;edevmon; C:\windows\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 Fastboot;Fastboot; C:\windows\System32\DRIVERS\Fastboot.sys [2015-07-20 70168]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2014-10-09 1398936]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\windows\System32\DRIVERS\cmderd.sys [2015-08-05 21720]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\system32\DRIVERS\cmdguard.sys [2015-08-05 827632]
R1 cmdhlp;COMODO Internet Security Helper Driver; C:\windows\system32\DRIVERS\cmdhlp.sys [2015-08-05 35056]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 inspect;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2015-08-05 127232]
R1 SCDEmu;SCDEmu; C:\windows\system32\drivers\SCDEmu.sys [2015-06-08 127760]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2015-03-10 159480]
R3 ACPIVPC;@oem40.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2015-03-25 35064]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2014-12-17 18977280]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2014-12-17 591872]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 CnxtHdAudService;@oem11.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-11-12 1535168]
R3 ibtusb;@oem14.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\windows\system32\DRIVERS\ibtusb.sys [2014-08-14 219592]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2015-07-20 4888368]
R3 iwdbus;@oem5.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2015-07-20 30512]
R3 KMDFVirtualKbd;@oem43.inf,%KMDFVirtualKbd.SVCDESC%;Lenovo Virtual Keyboard Device; C:\windows\System32\drivers\KMDFVirtualKbd.sys [2014-08-05 22264]
R3 KMDFVirtualMouse;@oem44.inf,%KMDFVirtualMouse.SVCDESC%;Lenovo Virtual Mouse Device; C:\windows\System32\drivers\KMDFVirtualMouse.sys [2014-08-05 21240]
R3 MEIx64;@oem51.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2014-09-30 129312]
R3 NETwNb64;@oem53.inf,%NIC_Service_DispName_WINB_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 8.1 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2014-12-08 3494680]
R3 RSUSBVSTOR;@oem18.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2014-03-27 331992]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2014-05-29 873176]
R3 rtsuvc;@oem24.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-10-22 2584280]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-10-21 31472]
R3 SynTP;@oem13.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2014-10-21 549104]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-07-20 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2015-07-20 42288]
S3 IntcDAud;@oem2.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-12-19 455440]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-07-20 167424]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2014-12-17 246272]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-08-05 5542472]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2014-10-20 207576]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2015-01-28 1349576]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2015-07-20 638368]
R2 FastbootService;FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [2015-07-20 191000]
R2 GDCAgent;GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [2015-06-01 1122744]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-10-09 18584]
R2 ibtsiva.exe;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2014-08-14 121288]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2015-07-20 345864]
R2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-09-03 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-09-03 154584]
R2 Lenovo OKO Service;Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2015-07-20 2742568]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-10-13 2005320]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 LenovoPAWDService;Lenovo PAWD Service; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [2015-03-25 133440]
R2 LenovoSetSvr;LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [2014-06-19 258544]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-08-26 218952]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-09-03 405976]
R2 OKOControlSvc;OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [2015-07-20 359208]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2015-03-25 321520]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2015-07-20 157088]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 Start8;Stardock Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2014-06-12 143288]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2014-10-21 190704]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2015-03-25 68880]
R3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-08-05 2265792]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R3 LenovoUpdate;lupdate; C:\windows\System32\LenovoUpdate.exe [2015-07-20 26608]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-20 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-26 269000]
S3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-08-06 599024]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2015-07-20 280840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-20 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09 174368]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2014-08-06 525296]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2014-08-06 535024]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-08-06 727536]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-03-09 272440]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-01 148136]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2015-07-20 268192]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-20 178824]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2015-03-25 338416]
-----------------EOF-----------------
Re: Preventive check
Hello,
Is this purely preventive, or is there an actual problem?
Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it may also be found at C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.



If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).
Re: Preventive check
Thank you,
the notebook just seems a bit slower to me, and it started behaving strangely after I uninstalled Lenovo Settings, which would not start.
AdwLog:
# AdwCleaner v5.004 - Logfile created 27/08/2015 at 10:32:07
# Updated 26/08/2015 by Xplode
# Database : 2015-08-25.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Ondřej - ONDREJ
# Running from : C:\Users\Ondřej\Desktop\adwcleaner_5.004.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\pokki
[-] Folder Deleted : C:\Users\Ondřej\AppData\Local\pokki
***** [ Files ] *****
[-] File Deleted : C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\jid0-zs24wecdcQo0Lp18D7QOV4WSZFo@jetpack.xpi
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : Pokki
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
[-] Key Deleted : HKCU\Software\Pokki
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[!] Key Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
[!] Key Not Deleted : [x64] HKCU\Software\Pokki
[!] Key Not Deleted : [x64] HKCU\Software\PRODUCTSETUP
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{91AA1FF5-AC0A-4B3B-BB30-54A2D713A164}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{91AA1FF5-AC0A-4B3B-BB30-54A2D713A164}
[-] Data Restored : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{91AA1FF5-AC0A-4B3B-BB30-54A2D713A164}
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Internet Explorer\SearchScopes\{91AA1FF5-AC0A-4B3B-BB30-54A2D713A164}
[-] Data Restored : HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
***** [ Web browsers ] *****
[-] [C:\Users\Ondřej\AppData\Local\Chromium\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_pwrisofs_15_30&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dcz%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FyCtDyCyCzyzztC0EyD0B0B0B0AyDzztN0D0Tzu0StCtBzyyCtN1L2XzutAtFtCtBtFyDtFyEtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDtCyEtCzyzytDtAtGtCtCyByEtGyDyB0BtDtGyE0CzztCtGyDyByByCtByByD0CyDtAyDyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CyD0FyCyD0A0DtG0Bzz0AzytGyE0EtDtCtGzz0Ezy0AtG0D0B0F0F0ByDtA0Dzz0FyEzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzzzzyE%26cr%3D135420560%26a%3Dwncy_pwrisofs_15_30%26os%3DWindows%2B8.1&uref=chmm
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3443 bytes] ##########
Re: Preventive check

Run it as administrator. The result will be displayed shortly.
Click Úpravy (Edit) at the top and then Kopírovat (Copy). Paste here what gets copied (it is stored in memory) with Ctrl + V.

If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).
Re: Preventive check
ANTI-MALWARE:
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Ondřej
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 681245
Uplynulý čas: 4 hod, 46 min, 58 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 1
PUP.Optional.NotChromeRun.A, HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GoogleChromeAutoLaunch_CF032939DE38A08C6532325B24209B28, "C:\Users\Ondřej\AppData\Local\Chromium\Application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session, , [eedfe22b4d3ecb6baed4d1dd45bf3fc1]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2015/08/27 17:02:02
-- Controller Map ----------------------------------------------------------
+ Intel(R) 9 Series Chipset Family SATA AHCI Controller [ATA]
- ST1000LM024 HN-M101MBB
- HL-DT-ST DVDRAM GUC0N
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) ST1000LM024 HN-M101MBB : 1000,2 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST1000LM024 HN-M101MBB
----------------------------------------------------------------------------
Model : ST1000LM024 HN-M101MBB
Firmware : 2BA30001
Serial Number : S30YJ9EG312997
Disk Size : 1000,2 GB (7,9/137,4/1000,2)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600
Power On Hours : 130 hod.
Power On Count : 87 krát
Temparature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : FE00h [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _92 _92 _25 0000000009C9 Čas na roztočení ploten
04 100 100 __0 000000000056 Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 000000000082 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000001 Počet pokusů o překalibrování
0C 100 100 __0 000000000057 Počet cyklů zapnutí zařízení
BF 100 100 __0 0000000001BB Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000002 Počet vypnutí disku
C2 _64 _54 __0 002F00150024 Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 252 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 00000000015F Počet chyb při zápisu sektorů
DF 100 100 __0 000000000001 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 100 100 __0 000000002642 Počet cyklů načítání/vymazání
-- IDENTIFY_DEVICE ---------------------------------------------------------
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Ondřej
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 681245
Uplynulý čas: 4 hod, 46 min, 58 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 1
PUP.Optional.NotChromeRun.A, HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GoogleChromeAutoLaunch_CF032939DE38A08C6532325B24209B28, "C:\Users\Ondřej\AppData\Local\Chromium\Application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session, , [eedfe22b4d3ecb6baed4d1dd45bf3fc1]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2015/08/27 17:02:02
-- Controller Map ----------------------------------------------------------
+ Intel(R) 9 Series Chipset Family SATA AHCI Controller [ATA]
- ST1000LM024 HN-M101MBB
- HL-DT-ST DVDRAM GUC0N
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) ST1000LM024 HN-M101MBB : 1000,2 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST1000LM024 HN-M101MBB
----------------------------------------------------------------------------
Model : ST1000LM024 HN-M101MBB
Firmware : 2BA30001
Serial Number : S30YJ9EG312997
Disk Size : 1000,2 GB (7,9/137,4/1000,2)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600
Power On Hours : 130 hod.
Power On Count : 87 krát
Temparature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : FE00h [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _92 _92 _25 0000000009C9 Čas na roztočení ploten
04 100 100 __0 000000000056 Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 000000000082 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000001 Počet pokusů o překalibrování
0C 100 100 __0 000000000057 Počet cyklů zapnutí zařízení
BF 100 100 __0 0000000001BB Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000002 Počet vypnutí disku
C2 _64 _54 __0 002F00150024 Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 252 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 00000000015F Počet chyb při zápisu sektorů
DF 100 100 __0 000000000001 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 100 100 __0 000000002642 Počet cyklů načítání/vymazání
-- IDENTIFY_DEVICE ---------------------------------------------------------
Re: Preventive check
The disk is reporting errors; that may be the cause of the problems.
Let MBAM remove what it found, then you can uninstall MBAM.
Post a new log from RSIT
and in addition
Post logs following this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false positive.

and in addition

If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
Due to time constraints I will be on the forum less often for now. If you are waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).
Re: Preventive check
RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Ondřej at 2015-08-28 23:15:33
Microsoft Windows 8.1
System drive C: has 761 GB (84%) free of 911 GB
Total RAM: 8106 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:15:36, on 28. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Users\Ondřej\Desktop\FRSTLauncher.exe
C:\windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroTray.exe
C:\windows\SysWOW64\notepad.exe
C:\Program Files\trend micro\Ondřej.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Vystřihnout záložku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GDCAgent - Unknown owner - C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel Bluetooth Service (ibtsiva.exe) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo OKO Service - Lenovo(beijing) Limited - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo PAWD Service (LenovoPAWDService) - Unknown owner - C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
O23 - Service: lupdate (LenovoUpdate) - Unknown owner - C:\windows\System32\LenovoUpdate.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: OKOControlSvc - Lenovo(beijing) Limited - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 15287 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe"
"C:\Program Files (x86)\Stardock\Start8\Start8_64.exe" START
C:\windows\system32\WLANExt.exe 570448896320
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\windows\system32\CxAudMsg64.exe
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {c8e94fd5-445b-4997-8512d8878933fcad}
"C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\SysWOW64\SAsrv.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
System32\LenovoUpdate.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9c1d844e-fef1-44f7-80b9-43f7ed7a8efa -SystemEventPortName:HostProcess-5b73b61f-dd7c-4f1e-9d46-4277f078ae45 -IoCancelEventPortName:HostProcess-b00237e6-3ae0-4d42-957a-0b281965c15d -NonStateChangingEventPortName:HostProcess-f241d076-934c-4e2a-aabf-c6b542744a57 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8f7e8c18-59fc-46d8-b38e-d2b4543cd3ad -DeviceGroupId:WudfDefaultDevicePool
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
atieclxx
"C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\Explorer.EXE
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\windows\system32\GWX\GWX.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo\LenovoUtility\utility.exe"
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe" /run
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe" /hide
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x19f8_0x490_0xd0928727a"
"C:\Users\Ondřej\AppData\Local\Apps\2.0\E3CEQ2Z0.2J2\KZQ0ETDD.T46\lsb...tion_91a10ba61c75c82d_0001.0004_53146ffb7155a994\LSB.exe"
"C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\WWAHost.exe" -ServerName:Windows.Store
"C:\Users\Ondřej\Desktop\FRSTLauncher.exe"
\??\C:\windows\system32\conhost.exe 0x4
cmd.exe /c C:\Users\ONDEJ~1\AppData\Local\Temp\~8995.bat "C:\Users\Ondřej\Desktop\FRSTLauncher.exe"
C:\windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroTray.exe"
notepad FRST.txt
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
C:\windows\System32\ThumbnailExtractionHost.exe -Embedding
"C:\Users\Ondřej\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.CZE
nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-01 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-10-09 36352]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-20 919768]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-10-21 2809072]
"RtsFT"=C:\windows\RTFTrack.exe [2014-10-22 4060376]
"LenovoUtility"=C:\Program Files\Lenovo\LenovoUtility\utility.exe [2015-03-25 791368]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2015-03-25 802800]
"OneKeyOptimizer"=C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [2015-07-20 605992]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-01-28 5595848]
"COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-05 1427648]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30 500936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-08-19 2899136]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-29 53282944]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-08-26 22344224]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
"AdobeCEPServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [2013-05-16 1039240]
""= []
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2015-07-20 5564784]
C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"Max Cached Icons"=2000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-28 23:10:05 ----D---- C:\FRST
2015-08-28 12:10:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-28 11:52:01 ----SHD---- C:\Config.Msi
2015-08-27 14:32:52 ----D---- C:\Users\Ondřej\AppData\Roaming\com.wd.WDMyCloud
2015-08-27 14:32:34 ----D---- C:\ProgramData\Apple
2015-08-27 14:32:34 ----D---- C:\Program Files\Bonjour
2015-08-27 14:32:34 ----D---- C:\Program Files (x86)\Bonjour
2015-08-27 14:22:02 ----D---- C:\Program Files\Common Files\Western Digital
2015-08-27 14:22:01 ----D---- C:\ProgramData\Western Digital
2015-08-27 14:22:01 ----D---- C:\Program Files (x86)\Western Digital
2015-08-27 12:44:53 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-27 12:44:53 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-27 11:31:27 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-27 11:30:21 ----D---- C:\ProgramData\Malwarebytes
2015-08-27 11:30:21 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-27 11:30:21 ----A---- C:\windows\system32\drivers\mwac.sys
2015-08-27 11:30:21 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2015-08-27 11:30:21 ----A---- C:\windows\system32\drivers\mbam.sys
2015-08-27 10:42:43 ----A---- C:\windows\SYSWOW64\msxml6.dll
2015-08-27 10:42:43 ----A---- C:\windows\SYSWOW64\msxml3.dll
2015-08-27 10:42:43 ----A---- C:\windows\system32\msxml6.dll
2015-08-27 10:42:43 ----A---- C:\windows\system32\msxml3.dll
2015-08-27 10:42:42 ----A---- C:\windows\system32\win32k.sys
2015-08-27 10:42:41 ----A---- C:\windows\system32\FntCache.dll
2015-08-27 10:42:41 ----A---- C:\windows\system32\DWrite.dll
2015-08-27 10:42:40 ----A---- C:\windows\SYSWOW64\DWrite.dll
2015-08-27 10:42:40 ----A---- C:\windows\SYSWOW64\atmlib.dll
2015-08-27 10:42:40 ----A---- C:\windows\SYSWOW64\atmfd.dll
2015-08-27 10:42:40 ----A---- C:\windows\system32\atmlib.dll
2015-08-27 10:42:40 ----A---- C:\windows\system32\atmfd.dll
2015-08-27 10:38:30 ----A---- C:\windows\system32\mshtml.dll
2015-08-27 10:38:26 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-08-27 10:38:22 ----A---- C:\windows\system32\ieframe.dll
2015-08-27 10:38:20 ----A---- C:\windows\system32\jscript9.dll
2015-08-27 10:38:19 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-08-27 10:38:17 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-08-27 10:38:17 ----A---- C:\windows\system32\wininet.dll
2015-08-27 10:38:17 ----A---- C:\windows\system32\ieui.dll
2015-08-27 10:38:16 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-08-27 10:38:15 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-08-27 10:38:15 ----A---- C:\windows\system32\actxprxy.dll
2015-08-27 10:38:14 ----A---- C:\windows\system32\urlmon.dll
2015-08-27 10:38:13 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-08-27 10:38:13 ----A---- C:\windows\system32\ieapfltr.dll
2015-08-27 10:38:12 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-08-27 10:38:10 ----A---- C:\windows\system32\iertutil.dll
2015-08-27 10:38:09 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-08-27 10:38:09 ----A---- C:\windows\system32\msfeeds.dll
2015-08-27 10:38:08 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2015-08-27 10:38:08 ----A---- C:\windows\system32\webcheck.dll
2015-08-27 10:38:07 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-08-27 10:38:07 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2015-08-27 10:38:07 ----A---- C:\windows\system32\vbscript.dll
2015-08-27 10:38:07 ----A---- C:\windows\system32\inetcomm.dll
2015-08-27 10:38:07 ----A---- C:\windows\system32\iepeers.dll
2015-08-27 10:38:06 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-08-27 10:38:06 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-08-27 10:38:06 ----A---- C:\windows\system32\jscript.dll
2015-08-27 10:37:33 ----A---- C:\windows\system32\ntoskrnl.exe
2015-08-27 10:37:32 ----A---- C:\windows\system32\ntdll.dll
2015-08-27 10:37:32 ----A---- C:\windows\system32\drivers\mountmgr.sys
2015-08-27 10:37:31 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-08-27 10:37:31 ----A---- C:\windows\system32\sysmain.dll
2015-08-27 10:37:10 ----A---- C:\windows\system32\mstscax.dll
2015-08-27 10:37:09 ----A---- C:\windows\SYSWOW64\rdvidcrl.dll
2015-08-27 10:37:09 ----A---- C:\windows\SYSWOW64\mstscax.dll
2015-08-27 10:37:08 ----A---- C:\windows\system32\rdvidcrl.dll
2015-08-27 10:30:33 ----A---- C:\windows\system32\drivers\WdFilter.sys
2015-08-27 10:30:32 ----A---- C:\windows\system32\drivers\WdBoot.sys
2015-08-27 10:30:31 ----A---- C:\windows\system32\drivers\WdNisDrv.sys
2015-08-27 10:30:23 ----A---- C:\windows\SYSWOW64\WebClnt.dll
2015-08-27 10:30:23 ----A---- C:\windows\system32\WebClnt.dll
2015-08-27 10:30:22 ----A---- C:\windows\SYSWOW64\davclnt.dll
2015-08-27 10:30:22 ----A---- C:\windows\system32\davclnt.dll
2015-08-27 10:30:21 ----A---- C:\windows\system32\csrsrv.dll
2015-08-27 10:30:21 ----A---- C:\windows\system32\basesrv.dll
2015-08-27 10:30:15 ----D---- C:\AdwCleaner
2015-08-27 10:30:08 ----A---- C:\windows\SYSWOW64\notepad.exe
2015-08-27 10:30:08 ----A---- C:\windows\system32\notepad.exe
2015-08-27 10:30:08 ----A---- C:\windows\notepad.exe
2015-08-27 09:59:28 ----A---- C:\IFRToolLog.txt
2015-08-26 21:53:04 ----A---- C:\windows\system32\Windows.UI.Xaml.dll
2015-08-26 21:53:03 ----A---- C:\windows\SYSWOW64\Windows.UI.Xaml.dll
2015-08-26 21:52:59 ----A---- C:\windows\system32\invagent.dll
2015-08-26 21:52:59 ----A---- C:\windows\system32\generaltel.dll
2015-08-26 21:52:59 ----A---- C:\windows\system32\devinv.dll
2015-08-26 21:52:59 ----A---- C:\windows\system32\appraiser.dll
2015-08-26 21:52:58 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-08-26 21:52:58 ----A---- C:\windows\system32\aeinv.dll
2015-08-26 21:52:58 ----A---- C:\windows\system32\acmigration.dll
2015-08-26 21:52:54 ----A---- C:\windows\SYSWOW64\netcfgx.dll
2015-08-26 21:52:54 ----A---- C:\windows\system32\netcfgx.dll
2015-08-26 21:52:54 ----A---- C:\windows\system32\drivers\ndis.sys
2015-08-26 21:52:43 ----A---- C:\windows\system32\drivers\tcpip.sys
2015-08-26 21:52:42 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2015-08-26 20:29:29 ----D---- C:\rsit
2015-08-26 20:29:29 ----D---- C:\Program Files\trend micro
2015-08-26 20:19:28 ----HD---- C:\VTRoot
2015-08-26 20:19:23 ----A---- C:\windows\system32\drivers\fvstore.dat
2015-08-26 20:00:39 ----A---- C:\windows\system32\wuaueng.dll
2015-08-26 20:00:38 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-08-26 20:00:38 ----A---- C:\windows\system32\WUSettingsProvider.dll
2015-08-26 20:00:38 ----A---- C:\windows\system32\wudriver.dll
2015-08-26 20:00:38 ----A---- C:\windows\system32\wucltux.dll
2015-08-26 20:00:38 ----A---- C:\windows\system32\wuauclt.exe
2015-08-26 20:00:38 ----A---- C:\windows\system32\wuapi.dll
2015-08-26 20:00:37 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-08-26 20:00:37 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-08-26 20:00:37 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-08-26 20:00:37 ----A---- C:\windows\system32\wuwebv.dll
2015-08-26 20:00:37 ----A---- C:\windows\system32\wuapp.exe
2015-08-02 18:28:30 ----A---- C:\windows\SYSWOW64\ssubtmr6.dll
2015-08-01 00:23:54 ----D---- C:\Games
2015-07-31 21:30:38 ----D---- C:\EarMaster Pro 6
2015-07-31 21:30:37 ----D---- C:\Users\Ondřej\AppData\Roaming\WinRAR
2015-07-31 21:30:17 ----D---- C:\Program Files\WinRAR
======List of files/folders modified in the last 1 month======
2015-08-28 23:14:58 ----D---- C:\windows\Prefetch
2015-08-28 23:13:50 ----D---- C:\windows\Temp
2015-08-28 23:12:42 ----AD---- C:\Windows
2015-08-28 23:06:43 ----D---- C:\windows\system32\config
2015-08-28 23:00:00 ----D---- C:\windows\system32\sru
2015-08-28 22:56:12 ----D---- C:\ProgramData\Lenovo
2015-08-28 22:52:29 ----D---- C:\windows\system32\drivers\etc
2015-08-28 22:51:42 ----D---- C:\windows\Microsoft.NET
2015-08-28 16:06:10 ----RSD---- C:\windows\assembly
2015-08-28 15:53:47 ----RAD---- C:\windows\System32
2015-08-28 15:53:47 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-08-28 15:53:46 ----D---- C:\windows\Inf
2015-08-28 15:50:00 ----D---- C:\windows\WinSxS
2015-08-28 15:49:57 ----D---- C:\windows\SysWOW64
2015-08-28 15:47:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-28 15:46:55 ----D---- C:\windows\system32\drivers\en-US
2015-08-28 15:46:55 ----D---- C:\windows\system32\drivers\cs-CZ
2015-08-28 15:46:55 ----D---- C:\windows\system32\drivers
2015-08-28 15:46:54 ----D---- C:\Program Files\Windows Defender
2015-08-28 15:46:54 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-28 15:46:53 ----D---- C:\Program Files\Internet Explorer
2015-08-28 15:46:53 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-28 12:28:07 ----SHD---- C:\windows\Installer
2015-08-28 12:23:24 ----RD---- C:\Program Files (x86)
2015-08-28 12:23:07 ----D---- C:\windows\Tasks
2015-08-28 12:10:11 ----D---- C:\ProgramData\Package Cache
2015-08-28 11:54:18 ----RD---- C:\Program Files
2015-08-28 11:51:01 ----SHD---- C:\System Volume Information
2015-08-28 11:49:47 ----D---- C:\Program Files (x86)\Steam
2015-08-27 16:41:50 ----D---- C:\windows\CbsTemp
2015-08-27 16:40:56 ----D---- C:\windows\system32\MRT
2015-08-27 16:28:14 ----A---- C:\windows\system32\MRT.exe
2015-08-27 14:32:35 ----A---- C:\windows\SYSWOW64\dns-sd.exe
2015-08-27 14:32:35 ----A---- C:\windows\system32\dns-sd.exe
2015-08-27 14:32:34 ----HD---- C:\ProgramData
2015-08-27 14:31:20 ----SD---- C:\Users\Ondřej\AppData\Roaming\Microsoft
2015-08-27 14:23:12 ----D---- C:\windows\system32\catroot
2015-08-27 14:23:11 ----D---- C:\windows\system32\DriverStore
2015-08-27 14:22:02 ----D---- C:\Program Files\Common Files
2015-08-27 14:22:01 ----D---- C:\Program Files (x86)\Common Files
2015-08-27 12:07:16 ----D---- C:\windows\Panther
2015-08-27 11:47:05 ----HD---- C:\$Windows.~BT
2015-08-27 10:46:05 ----D---- C:\ProgramData\Stardock
2015-08-27 10:33:00 ----D---- C:\windows\system32\Tasks
2015-08-27 10:32:38 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-08-27 10:21:17 ----D---- C:\windows\system32\NDF
2015-08-26 23:41:16 ----D---- C:\windows\system32\wdi
2015-08-26 23:36:58 ----SD---- C:\windows\system32\CompatTel
2015-08-26 23:36:58 ----D---- C:\windows\system32\appraiser
2015-08-26 23:36:57 ----D---- C:\windows\apppatch
2015-08-26 23:35:18 ----D---- C:\Users\Ondřej\AppData\Roaming\vlc
2015-08-26 20:54:00 ----A---- C:\windows\SYSWOW64\taskSchedularLog.txt
2015-08-26 20:39:47 ----D---- C:\Program Files (x86)\Lenovo
2015-08-26 20:39:44 ----D---- C:\Program Files\Lenovo
2015-08-26 20:31:31 ----D---- C:\Users\Ondřej\AppData\Roaming\LSC
2015-08-26 20:27:15 ----D---- C:\windows\Downloaded Installations
2015-08-26 20:03:07 ----D---- C:\Program Files (x86)\Opera
2015-08-26 19:54:29 ----D---- C:\windows\AppReadiness
2015-08-05 02:29:56 ----A---- C:\windows\system32\cmdcsr.dll
2015-08-05 02:29:50 ----A---- C:\windows\SYSWOW64\guard32.dll
2015-08-05 02:29:47 ----A---- C:\windows\system32\guard64.dll
2015-08-05 02:28:50 ----A---- C:\windows\system32\cmdvrt64.dll
2015-08-05 02:28:20 ----A---- C:\windows\system32\cmdkbd64.dll
2015-08-05 02:27:20 ----A---- C:\windows\SYSWOW64\cmdvrt32.dll
2015-08-05 02:26:53 ----A---- C:\windows\SYSWOW64\cmdkbd32.dll
2015-08-02 22:34:32 ----D---- C:\Users\Ondřej\AppData\Roaming\uTorrent
2015-07-29 13:39:33 ----HD---- C:\Program Files\WindowsApps
2015-07-29 13:38:44 ----D---- C:\windows\Logs
2015-07-29 00:20:00 ----D---- C:\ProgramData\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdkmpfd;@oem6.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\windows\System32\drivers\amdkmpfd.sys [2014-10-28 62152]
R0 edevmon;edevmon; C:\windows\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 Fastboot;Fastboot; C:\windows\System32\DRIVERS\Fastboot.sys [2015-07-20 70168]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2014-10-09 1398936]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\windows\System32\DRIVERS\cmderd.sys [2015-08-05 21720]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\system32\DRIVERS\cmdguard.sys [2015-08-05 827632]
R1 cmdhlp;COMODO Internet Security Helper Driver; C:\windows\system32\DRIVERS\cmdhlp.sys [2015-08-05 35056]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 inspect;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2015-08-05 127232]
R1 SCDEmu;SCDEmu; C:\windows\system32\drivers\SCDEmu.sys [2015-06-08 127760]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2015-03-10 159480]
R3 ACPIVPC;@oem40.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2015-03-25 35064]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2014-12-17 18977280]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2014-12-17 591872]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 CnxtHdAudService;@oem11.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-11-12 1535168]
R3 ibtusb;@oem14.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\windows\system32\DRIVERS\ibtusb.sys [2014-08-14 219592]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2015-07-20 4888368]
R3 iwdbus;@oem5.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2015-07-20 30512]
R3 KMDFVirtualKbd;@oem43.inf,%KMDFVirtualKbd.SVCDESC%;Lenovo Virtual Keyboard Device; C:\windows\System32\drivers\KMDFVirtualKbd.sys [2014-08-05 22264]
R3 KMDFVirtualMouse;@oem44.inf,%KMDFVirtualMouse.SVCDESC%;Lenovo Virtual Mouse Device; C:\windows\System32\drivers\KMDFVirtualMouse.sys [2014-08-05 21240]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MEIx64;@oem51.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2014-09-30 129312]
R3 NETwNb64;@oem53.inf,%NIC_Service_DispName_WINB_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 8.1 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2014-12-08 3494680]
R3 RSUSBVSTOR;@oem18.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2014-03-27 331992]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2014-05-29 873176]
R3 rtsuvc;@oem24.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-10-22 2584280]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-10-21 31472]
R3 SynTP;@oem13.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2014-10-21 549104]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-07-20 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2015-07-20 42288]
S3 IntcDAud;@oem2.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-12-19 455440]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2015-06-18 64216]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-07-20 167424]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2014-12-17 246272]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2015-08-27 345376]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-08-05 5542472]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2014-10-20 207576]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2015-01-28 1349576]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2015-07-20 638368]
R2 FastbootService;FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [2015-07-20 191000]
R2 GDCAgent;GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [2015-06-01 1122744]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-10-09 18584]
R2 ibtsiva.exe;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2014-08-14 121288]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2015-07-20 345864]
R2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-09-03 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-09-03 154584]
R2 Lenovo OKO Service;Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2015-07-20 2742568]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 LenovoPAWDService;Lenovo PAWD Service; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [2015-03-25 133440]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-09-03 405976]
R2 OKOControlSvc;OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [2015-07-20 359208]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2015-03-25 321520]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2015-07-20 157088]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 Start8;Stardock Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2014-06-12 143288]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2014-10-21 190704]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2015-03-25 68880]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R3 LenovoUpdate;lupdate; C:\windows\System32\LenovoUpdate.exe [2015-07-20 26608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-20 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-26 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-08-05 2265792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2015-07-20 280840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-20 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09 174368]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-08-26 272424]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-28 149160]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2015-07-20 268192]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-20 178824]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2015-03-25 338416]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Ondřej at 2015-08-28 23:15:33
Microsoft Windows 8.1
System drive C: has 761 GB (84%) free of 911 GB
Total RAM: 8106 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:15:36, on 28. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Users\Ondřej\Desktop\FRSTLauncher.exe
C:\windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroTray.exe
C:\windows\SysWOW64\notepad.exe
C:\Program Files\trend micro\Ondřej.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Vystřihnout záložku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GDCAgent - Unknown owner - C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel Bluetooth Service (ibtsiva.exe) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo OKO Service - Lenovo(beijing) Limited - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo PAWD Service (LenovoPAWDService) - Unknown owner - C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
O23 - Service: lupdate (LenovoUpdate) - Unknown owner - C:\windows\System32\LenovoUpdate.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: OKOControlSvc - Lenovo(beijing) Limited - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 15287 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe"
"C:\Program Files (x86)\Stardock\Start8\Start8_64.exe" START
C:\windows\system32\WLANExt.exe 570448896320
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\windows\system32\CxAudMsg64.exe
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {c8e94fd5-445b-4997-8512d8878933fcad}
"C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\SysWOW64\SAsrv.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
System32\LenovoUpdate.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9c1d844e-fef1-44f7-80b9-43f7ed7a8efa -SystemEventPortName:HostProcess-5b73b61f-dd7c-4f1e-9d46-4277f078ae45 -IoCancelEventPortName:HostProcess-b00237e6-3ae0-4d42-957a-0b281965c15d -NonStateChangingEventPortName:HostProcess-f241d076-934c-4e2a-aabf-c6b542744a57 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8f7e8c18-59fc-46d8-b38e-d2b4543cd3ad -DeviceGroupId:WudfDefaultDevicePool
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
atieclxx
"C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\Explorer.EXE
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\windows\system32\GWX\GWX.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo\LenovoUtility\utility.exe"
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe" /run
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe" /hide
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x19f8_0x490_0xd0928727a"
"C:\Users\Ondřej\AppData\Local\Apps\2.0\E3CEQ2Z0.2J2\KZQ0ETDD.T46\lsb...tion_91a10ba61c75c82d_0001.0004_53146ffb7155a994\LSB.exe"
"C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\WWAHost.exe" -ServerName:Windows.Store
"C:\Users\Ondřej\Desktop\FRSTLauncher.exe"
\??\C:\windows\system32\conhost.exe 0x4
cmd.exe /c C:\Users\ONDEJ~1\AppData\Local\Temp\~8995.bat "C:\Users\Ondřej\Desktop\FRSTLauncher.exe"
C:\windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroTray.exe"
notepad FRST.txt
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
C:\windows\System32\ThumbnailExtractionHost.exe -Embedding
"C:\Users\Ondřej\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.CZE
nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-01 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-10-09 36352]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-20 919768]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-10-21 2809072]
"RtsFT"=C:\windows\RTFTrack.exe [2014-10-22 4060376]
"LenovoUtility"=C:\Program Files\Lenovo\LenovoUtility\utility.exe [2015-03-25 791368]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2015-03-25 802800]
"OneKeyOptimizer"=C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [2015-07-20 605992]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-01-28 5595848]
"COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-05 1427648]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30 500936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-08-19 2899136]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-29 53282944]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-08-26 22344224]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
"AdobeCEPServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [2013-05-16 1039240]
""= []
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2015-07-20 5564784]
C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"Max Cached Icons"=2000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-28 23:10:05 ----D---- C:\FRST
2015-08-28 12:10:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-28 11:52:01 ----SHD---- C:\Config.Msi
2015-08-27 14:32:52 ----D---- C:\Users\Ondřej\AppData\Roaming\com.wd.WDMyCloud
2015-08-27 14:32:34 ----D---- C:\ProgramData\Apple
2015-08-27 14:32:34 ----D---- C:\Program Files\Bonjour
2015-08-27 14:32:34 ----D---- C:\Program Files (x86)\Bonjour
2015-08-27 14:22:02 ----D---- C:\Program Files\Common Files\Western Digital
2015-08-27 14:22:01 ----D---- C:\ProgramData\Western Digital
2015-08-27 14:22:01 ----D---- C:\Program Files (x86)\Western Digital
2015-08-27 12:44:53 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-27 12:44:53 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-27 11:31:27 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-27 11:30:21 ----D---- C:\ProgramData\Malwarebytes
2015-08-27 11:30:21 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-27 11:30:21 ----A---- C:\windows\system32\drivers\mwac.sys
2015-08-27 11:30:21 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2015-08-27 11:30:21 ----A---- C:\windows\system32\drivers\mbam.sys
2015-08-27 10:42:43 ----A---- C:\windows\SYSWOW64\msxml6.dll
2015-08-27 10:42:43 ----A---- C:\windows\SYSWOW64\msxml3.dll
2015-08-27 10:42:43 ----A---- C:\windows\system32\msxml6.dll
2015-08-27 10:42:43 ----A---- C:\windows\system32\msxml3.dll
2015-08-27 10:42:42 ----A---- C:\windows\system32\win32k.sys
2015-08-27 10:42:41 ----A---- C:\windows\system32\FntCache.dll
2015-08-27 10:42:41 ----A---- C:\windows\system32\DWrite.dll
2015-08-27 10:42:40 ----A---- C:\windows\SYSWOW64\DWrite.dll
2015-08-27 10:42:40 ----A---- C:\windows\SYSWOW64\atmlib.dll
2015-08-27 10:42:40 ----A---- C:\windows\SYSWOW64\atmfd.dll
2015-08-27 10:42:40 ----A---- C:\windows\system32\atmlib.dll
2015-08-27 10:42:40 ----A---- C:\windows\system32\atmfd.dll
2015-08-27 10:38:30 ----A---- C:\windows\system32\mshtml.dll
2015-08-27 10:38:26 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-08-27 10:38:22 ----A---- C:\windows\system32\ieframe.dll
2015-08-27 10:38:20 ----A---- C:\windows\system32\jscript9.dll
2015-08-27 10:38:19 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-08-27 10:38:17 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-08-27 10:38:17 ----A---- C:\windows\system32\wininet.dll
2015-08-27 10:38:17 ----A---- C:\windows\system32\ieui.dll
2015-08-27 10:38:16 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-08-27 10:38:15 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-08-27 10:38:15 ----A---- C:\windows\system32\actxprxy.dll
2015-08-27 10:38:14 ----A---- C:\windows\system32\urlmon.dll
2015-08-27 10:38:13 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-08-27 10:38:13 ----A---- C:\windows\system32\ieapfltr.dll
2015-08-27 10:38:12 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-08-27 10:38:10 ----A---- C:\windows\system32\iertutil.dll
2015-08-27 10:38:09 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-08-27 10:38:09 ----A---- C:\windows\system32\msfeeds.dll
2015-08-27 10:38:08 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2015-08-27 10:38:08 ----A---- C:\windows\system32\webcheck.dll
2015-08-27 10:38:07 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-08-27 10:38:07 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2015-08-27 10:38:07 ----A---- C:\windows\system32\vbscript.dll
2015-08-27 10:38:07 ----A---- C:\windows\system32\inetcomm.dll
2015-08-27 10:38:07 ----A---- C:\windows\system32\iepeers.dll
2015-08-27 10:38:06 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-08-27 10:38:06 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-08-27 10:38:06 ----A---- C:\windows\system32\jscript.dll
2015-08-27 10:37:33 ----A---- C:\windows\system32\ntoskrnl.exe
2015-08-27 10:37:32 ----A---- C:\windows\system32\ntdll.dll
2015-08-27 10:37:32 ----A---- C:\windows\system32\drivers\mountmgr.sys
2015-08-27 10:37:31 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-08-27 10:37:31 ----A---- C:\windows\system32\sysmain.dll
2015-08-27 10:37:10 ----A---- C:\windows\system32\mstscax.dll
2015-08-27 10:37:09 ----A---- C:\windows\SYSWOW64\rdvidcrl.dll
2015-08-27 10:37:09 ----A---- C:\windows\SYSWOW64\mstscax.dll
2015-08-27 10:37:08 ----A---- C:\windows\system32\rdvidcrl.dll
2015-08-27 10:30:33 ----A---- C:\windows\system32\drivers\WdFilter.sys
2015-08-27 10:30:32 ----A---- C:\windows\system32\drivers\WdBoot.sys
2015-08-27 10:30:31 ----A---- C:\windows\system32\drivers\WdNisDrv.sys
2015-08-27 10:30:23 ----A---- C:\windows\SYSWOW64\WebClnt.dll
2015-08-27 10:30:23 ----A---- C:\windows\system32\WebClnt.dll
2015-08-27 10:30:22 ----A---- C:\windows\SYSWOW64\davclnt.dll
2015-08-27 10:30:22 ----A---- C:\windows\system32\davclnt.dll
2015-08-27 10:30:21 ----A---- C:\windows\system32\csrsrv.dll
2015-08-27 10:30:21 ----A---- C:\windows\system32\basesrv.dll
2015-08-27 10:30:15 ----D---- C:\AdwCleaner
2015-08-27 10:30:08 ----A---- C:\windows\SYSWOW64\notepad.exe
2015-08-27 10:30:08 ----A---- C:\windows\system32\notepad.exe
2015-08-27 10:30:08 ----A---- C:\windows\notepad.exe
2015-08-27 09:59:28 ----A---- C:\IFRToolLog.txt
2015-08-26 21:53:04 ----A---- C:\windows\system32\Windows.UI.Xaml.dll
2015-08-26 21:53:03 ----A---- C:\windows\SYSWOW64\Windows.UI.Xaml.dll
2015-08-26 21:52:59 ----A---- C:\windows\system32\invagent.dll
2015-08-26 21:52:59 ----A---- C:\windows\system32\generaltel.dll
2015-08-26 21:52:59 ----A---- C:\windows\system32\devinv.dll
2015-08-26 21:52:59 ----A---- C:\windows\system32\appraiser.dll
2015-08-26 21:52:58 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-08-26 21:52:58 ----A---- C:\windows\system32\aeinv.dll
2015-08-26 21:52:58 ----A---- C:\windows\system32\acmigration.dll
2015-08-26 21:52:54 ----A---- C:\windows\SYSWOW64\netcfgx.dll
2015-08-26 21:52:54 ----A---- C:\windows\system32\netcfgx.dll
2015-08-26 21:52:54 ----A---- C:\windows\system32\drivers\ndis.sys
2015-08-26 21:52:43 ----A---- C:\windows\system32\drivers\tcpip.sys
2015-08-26 21:52:42 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2015-08-26 20:29:29 ----D---- C:\rsit
2015-08-26 20:29:29 ----D---- C:\Program Files\trend micro
2015-08-26 20:19:28 ----HD---- C:\VTRoot
2015-08-26 20:19:23 ----A---- C:\windows\system32\drivers\fvstore.dat
2015-08-26 20:00:39 ----A---- C:\windows\system32\wuaueng.dll
2015-08-26 20:00:38 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-08-26 20:00:38 ----A---- C:\windows\system32\WUSettingsProvider.dll
2015-08-26 20:00:38 ----A---- C:\windows\system32\wudriver.dll
2015-08-26 20:00:38 ----A---- C:\windows\system32\wucltux.dll
2015-08-26 20:00:38 ----A---- C:\windows\system32\wuauclt.exe
2015-08-26 20:00:38 ----A---- C:\windows\system32\wuapi.dll
2015-08-26 20:00:37 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-08-26 20:00:37 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-08-26 20:00:37 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-08-26 20:00:37 ----A---- C:\windows\system32\wuwebv.dll
2015-08-26 20:00:37 ----A---- C:\windows\system32\wuapp.exe
2015-08-02 18:28:30 ----A---- C:\windows\SYSWOW64\ssubtmr6.dll
2015-08-01 00:23:54 ----D---- C:\Games
2015-07-31 21:30:38 ----D---- C:\EarMaster Pro 6
2015-07-31 21:30:37 ----D---- C:\Users\Ondřej\AppData\Roaming\WinRAR
2015-07-31 21:30:17 ----D---- C:\Program Files\WinRAR
======List of files/folders modified in the last 1 month======
2015-08-28 23:14:58 ----D---- C:\windows\Prefetch
2015-08-28 23:13:50 ----D---- C:\windows\Temp
2015-08-28 23:12:42 ----AD---- C:\Windows
2015-08-28 23:06:43 ----D---- C:\windows\system32\config
2015-08-28 23:00:00 ----D---- C:\windows\system32\sru
2015-08-28 22:56:12 ----D---- C:\ProgramData\Lenovo
2015-08-28 22:52:29 ----D---- C:\windows\system32\drivers\etc
2015-08-28 22:51:42 ----D---- C:\windows\Microsoft.NET
2015-08-28 16:06:10 ----RSD---- C:\windows\assembly
2015-08-28 15:53:47 ----RAD---- C:\windows\System32
2015-08-28 15:53:47 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-08-28 15:53:46 ----D---- C:\windows\Inf
2015-08-28 15:50:00 ----D---- C:\windows\WinSxS
2015-08-28 15:49:57 ----D---- C:\windows\SysWOW64
2015-08-28 15:47:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-28 15:46:55 ----D---- C:\windows\system32\drivers\en-US
2015-08-28 15:46:55 ----D---- C:\windows\system32\drivers\cs-CZ
2015-08-28 15:46:55 ----D---- C:\windows\system32\drivers
2015-08-28 15:46:54 ----D---- C:\Program Files\Windows Defender
2015-08-28 15:46:54 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-28 15:46:53 ----D---- C:\Program Files\Internet Explorer
2015-08-28 15:46:53 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-28 12:28:07 ----SHD---- C:\windows\Installer
2015-08-28 12:23:24 ----RD---- C:\Program Files (x86)
2015-08-28 12:23:07 ----D---- C:\windows\Tasks
2015-08-28 12:10:11 ----D---- C:\ProgramData\Package Cache
2015-08-28 11:54:18 ----RD---- C:\Program Files
2015-08-28 11:51:01 ----SHD---- C:\System Volume Information
2015-08-28 11:49:47 ----D---- C:\Program Files (x86)\Steam
2015-08-27 16:41:50 ----D---- C:\windows\CbsTemp
2015-08-27 16:40:56 ----D---- C:\windows\system32\MRT
2015-08-27 16:28:14 ----A---- C:\windows\system32\MRT.exe
2015-08-27 14:32:35 ----A---- C:\windows\SYSWOW64\dns-sd.exe
2015-08-27 14:32:35 ----A---- C:\windows\system32\dns-sd.exe
2015-08-27 14:32:34 ----HD---- C:\ProgramData
2015-08-27 14:31:20 ----SD---- C:\Users\Ondřej\AppData\Roaming\Microsoft
2015-08-27 14:23:12 ----D---- C:\windows\system32\catroot
2015-08-27 14:23:11 ----D---- C:\windows\system32\DriverStore
2015-08-27 14:22:02 ----D---- C:\Program Files\Common Files
2015-08-27 14:22:01 ----D---- C:\Program Files (x86)\Common Files
2015-08-27 12:07:16 ----D---- C:\windows\Panther
2015-08-27 11:47:05 ----HD---- C:\$Windows.~BT
2015-08-27 10:46:05 ----D---- C:\ProgramData\Stardock
2015-08-27 10:33:00 ----D---- C:\windows\system32\Tasks
2015-08-27 10:32:38 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-08-27 10:21:17 ----D---- C:\windows\system32\NDF
2015-08-26 23:41:16 ----D---- C:\windows\system32\wdi
2015-08-26 23:36:58 ----SD---- C:\windows\system32\CompatTel
2015-08-26 23:36:58 ----D---- C:\windows\system32\appraiser
2015-08-26 23:36:57 ----D---- C:\windows\apppatch
2015-08-26 23:35:18 ----D---- C:\Users\Ondřej\AppData\Roaming\vlc
2015-08-26 20:54:00 ----A---- C:\windows\SYSWOW64\taskSchedularLog.txt
2015-08-26 20:39:47 ----D---- C:\Program Files (x86)\Lenovo
2015-08-26 20:39:44 ----D---- C:\Program Files\Lenovo
2015-08-26 20:31:31 ----D---- C:\Users\Ondřej\AppData\Roaming\LSC
2015-08-26 20:27:15 ----D---- C:\windows\Downloaded Installations
2015-08-26 20:03:07 ----D---- C:\Program Files (x86)\Opera
2015-08-26 19:54:29 ----D---- C:\windows\AppReadiness
2015-08-05 02:29:56 ----A---- C:\windows\system32\cmdcsr.dll
2015-08-05 02:29:50 ----A---- C:\windows\SYSWOW64\guard32.dll
2015-08-05 02:29:47 ----A---- C:\windows\system32\guard64.dll
2015-08-05 02:28:50 ----A---- C:\windows\system32\cmdvrt64.dll
2015-08-05 02:28:20 ----A---- C:\windows\system32\cmdkbd64.dll
2015-08-05 02:27:20 ----A---- C:\windows\SYSWOW64\cmdvrt32.dll
2015-08-05 02:26:53 ----A---- C:\windows\SYSWOW64\cmdkbd32.dll
2015-08-02 22:34:32 ----D---- C:\Users\Ondřej\AppData\Roaming\uTorrent
2015-07-29 13:39:33 ----HD---- C:\Program Files\WindowsApps
2015-07-29 13:38:44 ----D---- C:\windows\Logs
2015-07-29 00:20:00 ----D---- C:\ProgramData\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdkmpfd;@oem6.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\windows\System32\drivers\amdkmpfd.sys [2014-10-28 62152]
R0 edevmon;edevmon; C:\windows\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 Fastboot;Fastboot; C:\windows\System32\DRIVERS\Fastboot.sys [2015-07-20 70168]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2014-10-09 1398936]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\windows\System32\DRIVERS\cmderd.sys [2015-08-05 21720]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\system32\DRIVERS\cmdguard.sys [2015-08-05 827632]
R1 cmdhlp;COMODO Internet Security Helper Driver; C:\windows\system32\DRIVERS\cmdhlp.sys [2015-08-05 35056]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 inspect;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2015-08-05 127232]
R1 SCDEmu;SCDEmu; C:\windows\system32\drivers\SCDEmu.sys [2015-06-08 127760]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2015-03-10 159480]
R3 ACPIVPC;@oem40.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2015-03-25 35064]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2014-12-17 18977280]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2014-12-17 591872]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 CnxtHdAudService;@oem11.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-11-12 1535168]
R3 ibtusb;@oem14.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\windows\system32\DRIVERS\ibtusb.sys [2014-08-14 219592]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2015-07-20 4888368]
R3 iwdbus;@oem5.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2015-07-20 30512]
R3 KMDFVirtualKbd;@oem43.inf,%KMDFVirtualKbd.SVCDESC%;Lenovo Virtual Keyboard Device; C:\windows\System32\drivers\KMDFVirtualKbd.sys [2014-08-05 22264]
R3 KMDFVirtualMouse;@oem44.inf,%KMDFVirtualMouse.SVCDESC%;Lenovo Virtual Mouse Device; C:\windows\System32\drivers\KMDFVirtualMouse.sys [2014-08-05 21240]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MEIx64;@oem51.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2014-09-30 129312]
R3 NETwNb64;@oem53.inf,%NIC_Service_DispName_WINB_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 8.1 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2014-12-08 3494680]
R3 RSUSBVSTOR;@oem18.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2014-03-27 331992]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2014-05-29 873176]
R3 rtsuvc;@oem24.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-10-22 2584280]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-10-21 31472]
R3 SynTP;@oem13.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2014-10-21 549104]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-07-20 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2015-07-20 42288]
S3 IntcDAud;@oem2.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-12-19 455440]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2015-06-18 64216]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-07-20 167424]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2014-12-17 246272]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2015-08-27 345376]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-08-05 5542472]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2014-10-20 207576]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2015-01-28 1349576]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2015-07-20 638368]
R2 FastbootService;FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [2015-07-20 191000]
R2 GDCAgent;GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [2015-06-01 1122744]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-10-09 18584]
R2 ibtsiva.exe;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2014-08-14 121288]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2015-07-20 345864]
R2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-09-03 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-09-03 154584]
R2 Lenovo OKO Service;Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2015-07-20 2742568]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 LenovoPAWDService;Lenovo PAWD Service; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [2015-03-25 133440]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-09-03 405976]
R2 OKOControlSvc;OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [2015-07-20 359208]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2015-03-25 321520]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2015-07-20 157088]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 Start8;Stardock Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2014-06-12 143288]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2014-10-21 190704]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2015-03-25 68880]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R3 LenovoUpdate;lupdate; C:\windows\System32\LenovoUpdate.exe [2015-07-20 26608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-20 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-26 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-08-05 2265792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2015-07-20 280840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-20 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09 174368]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-08-26 272424]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-28 149160]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2015-07-20 268192]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-20 178824]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2015-03-25 338416]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
-----------------EOF-----------------
Re: Preventive check
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-08-2015
Ran by Ondřej (administrator) on ONDREJ (28-08-2015 23:10:25)
Running from C:\Users\Ondřej\Desktop
Loaded Profiles: Ondřej (Available Profiles: Ondřej)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FBService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Lenovo) C:\Windows\System32\LenovoUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Users\Ondřej\AppData\Local\Apps\2.0\E3CEQ2Z0.2J2\KZQ0ETDD.T46\lsb...tion_91a10ba61c75c82d_0001.0004_53146ffb7155a994\LSB.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(forum.viry.cz) C:\Users\Ondřej\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-09] (Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2809072 2014-10-21] (Synaptics Incorporated)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [4060376 2014-10-22] (Realtek semiconductor)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791368 2015-03-25] ()
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [802800 2015-03-25] (Lenovo)
HKLM\...\Run: [OneKeyOptimizer] => C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [605992 2015-07-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-01-28] (ESET)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-05] (COMODO)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-05-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.)
HKLM\...\Policies\Explorer: [Max Cached Icons] 2000
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22344224 2015-08-26] (Google)
Startup: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-07-20]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{488BC3FC-E1F1-49E4-AC08-347319CB48E6}: [DhcpNameServer] 213.46.172.36 213.46.172.37
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-26] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-26] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Extension: Disconnect - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\2.0@disconnect.me.xpi [2015-07-20]
FF Extension: YouTube Enhancer Plus - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\firefoxaddon@youtubeenhancer.com.xpi [2015-07-20]
FF Extension: Translate This! - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2015-07-21]
FF Extension: Lightbeam - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-07-20]
FF Extension: Clearly - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\readable@evernote.com.xpi [2015-07-20]
FF Extension: Send to Kindle for Mozilla Firefox - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\sendtokindle@amazon.com.xpi [2015-07-20]
FF Extension: NoScript - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-07-20]
FF Extension: Adblock Plus - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-20]
FF Extension: Evernote Web Clipper - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-07-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-07-20]
FF Extension: No Name - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\sendtokindle@amazon.com.xpi [not found]
FF Extension: No Name - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\readable@evernote.com.xpi [not found]
FF Extension: No Name - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\firefoxaddon@youtubeenhancer.com.xpi [not found]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-08-05] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-05] (COMODO)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [191000 2015-07-20] (Lenovo)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1122744 2015-06-01] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-09] (Intel Corporation)
R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-14] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-07-20] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2742568 2015-07-20] (Lenovo(beijing) Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
R2 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2015-03-25] ()
R3 LenovoUpdate; C:\Windows\System32\LenovoUpdate.exe [26608 2015-07-20] (Lenovo)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424 2015-08-26] (Lenovo)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-07-20] ()
R2 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [359208 2015-07-20] (Lenovo(beijing) Limited)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2015-03-25] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2015-03-25] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-06-12] (Stardock Software, Inc)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-10-21] (Synaptics Incorporated)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2015-03-25] ()
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-08-27] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-08-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-07-20] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21720 2015-08-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [827632 2015-08-05] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-08-05] (COMODO)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [159480 2015-03-10] (ESET)
R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70168 2015-07-20] (Windows (R) Win 7 DDK provider)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [219592 2014-08-14] (Intel Corporation)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127232 2015-08-05] (COMODO)
R3 KMDFVirtualKbd; C:\Windows\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-05] ()
R3 KMDFVirtualMouse; C:\Windows\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-05] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3494680 2014-12-08] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [2584280 2014-10-22] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-10-21] (Synaptics Incorporated)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-28 23:10 - 2015-08-28 23:11 - 00024146 _____ C:\Users\Ondřej\Desktop\FRST.txt
2015-08-28 23:10 - 2015-08-28 23:10 - 00000000 ____D C:\FRST
2015-08-28 23:08 - 2015-08-28 23:08 - 00112640 _____ (forum.viry.cz) C:\Users\Ondřej\Desktop\FRSTLauncher.exe
2015-08-28 13:25 - 2015-08-28 14:14 - 857143556 _____ C:\Users\Ondřej\Downloads\Vinnetou---Rudý-gentleman-1964-CZdabing-DVDRip.avi
2015-08-28 12:10 - 2015-08-28 15:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-28 11:41 - 2015-08-28 11:41 - 02186752 _____ (Farbar) C:\Users\Ondřej\Desktop\FRST64.exe
2015-08-27 14:32 - 2015-08-27 14:33 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\com.wd.WDMyCloud
2015-08-27 14:32 - 2015-08-27 14:32 - 00001180 _____ C:\Users\Public\Desktop\WD My Cloud.lnk
2015-08-27 14:32 - 2015-08-27 14:32 - 00000000 ____D C:\ProgramData\Apple
2015-08-27 14:32 - 2015-08-27 14:32 - 00000000 ____D C:\Program Files\Bonjour
2015-08-27 14:32 - 2015-08-27 14:32 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-27 14:29 - 2015-08-27 14:30 - 63831744 _____ C:\Users\Ondřej\Downloads\WDMyCloud_win.exe
2015-08-27 14:26 - 2015-08-27 14:32 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Western Digital
2015-08-27 14:23 - 2015-08-27 14:40 - 252879338 _____ C:\Users\Ondřej\Downloads\Zabelov Group - Secret Session.zip
2015-08-27 14:23 - 2015-08-27 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2015-08-27 14:23 - 2015-08-27 14:23 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Western_Digital_Technolog
2015-08-27 14:22 - 2015-08-28 11:54 - 00000000 ____D C:\ProgramData\Western Digital
2015-08-27 14:22 - 2015-08-28 11:54 - 00000000 ____D C:\Program Files\Common Files\Western Digital
2015-08-27 14:22 - 2015-08-28 11:54 - 00000000 ____D C:\Program Files (x86)\Western Digital
2015-08-27 14:16 - 2015-08-27 14:16 - 41943883 _____ C:\Users\Ondřej\Downloads\WD_SmartWare_Installer_2.4.12.1.zip
2015-08-27 12:44 - 2015-08-27 12:44 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-27 12:44 - 2015-08-27 12:44 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-27 11:31 - 2015-08-28 11:40 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-27 11:30 - 2015-08-27 11:30 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-27 11:30 - 2015-08-27 11:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-27 11:30 - 2015-08-27 11:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-27 11:30 - 2015-08-27 11:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-27 11:30 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-08-27 11:30 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-08-27 11:30 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-08-27 11:28 - 2015-08-27 11:28 - 00000000 ____D C:\Users\Ondřej\Desktop\CrystalDiskInfo5_0_0
2015-08-27 10:42 - 2015-08-27 10:42 - 04177408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-08-27 10:42 - 2015-08-27 10:42 - 02529880 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 02345472 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 01994752 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 01901776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 01559552 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 01556992 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 01381888 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 00358912 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 00301568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 00044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 00035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 25192448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 19870208 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 14451200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 12856832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 05923328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 02880000 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 02427904 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-08-27 10:38 - 2015-08-27 10:38 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 01048576 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-08-27 10:38 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-08-27 10:38 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-08-27 10:37 - 2015-08-27 10:37 - 07458648 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-08-27 10:37 - 2015-08-27 10:37 - 07032320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-08-27 10:37 - 2015-08-27 10:37 - 06213120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-08-27 10:37 - 2015-08-27 10:37 - 01735000 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-08-27 10:37 - 2015-08-27 10:37 - 01499920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-08-27 10:37 - 2015-08-27 10:37 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-08-27 10:37 - 2015-08-27 10:37 - 01101824 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-08-27 10:37 - 2015-08-27 10:37 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-08-27 10:37 - 2015-08-27 10:37 - 00101720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-08-27 10:30 - 2015-08-27 10:32 - 00000000 ____D C:\AdwCleaner
2015-08-27 10:30 - 2015-08-27 10:30 - 00270168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2015-08-27 10:30 - 2015-08-27 10:30 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-08-27 10:30 - 2015-08-27 10:30 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-08-27 10:30 - 2015-08-27 10:30 - 00221184 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-08-27 10:30 - 2015-08-27 10:30 - 00212992 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2015-08-27 10:30 - 2015-08-27 10:30 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2015-08-27 10:30 - 2015-08-27 10:30 - 00114520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdNisDrv.sys
2015-08-27 10:30 - 2015-08-27 10:30 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-08-27 10:30 - 2015-08-27 10:30 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2015-08-27 10:30 - 2015-08-27 10:30 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-08-27 10:30 - 2015-08-27 10:30 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-08-27 10:30 - 2015-08-27 10:30 - 00044560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2015-08-27 10:29 - 2015-08-27 10:29 - 01618432 _____ C:\Users\Ondřej\Desktop\adwcleaner_5.004.exe
2015-08-26 23:40 - 2015-08-28 15:45 - 01458419 _____ C:\windows\WindowsUpdate.log
2015-08-26 23:37 - 2015-08-28 15:47 - 00173924 _____ C:\windows\PFRO.log
2015-08-26 21:53 - 2015-08-26 21:53 - 18823680 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2015-08-26 21:53 - 2015-08-26 21:53 - 15159296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-26 21:53 - 2015-06-09 20:27 - 00411133 _____ C:\windows\system32\ApnDatabase.xml
2015-08-26 21:52 - 2015-08-26 21:52 - 02476376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2015-08-26 21:52 - 2015-08-26 21:52 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 01116160 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 01113944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2015-08-26 21:52 - 2015-08-26 21:52 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 00743424 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 00487256 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 00437248 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 00428888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2015-08-26 21:52 - 2015-08-26 21:52 - 00393560 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 00025776 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-08-26 20:30 - 2015-08-26 20:30 - 00002018 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2015-08-26 20:29 - 2015-08-28 23:04 - 00000000 ____D C:\Program Files\trend micro
2015-08-26 20:29 - 2015-08-26 20:29 - 00000000 ____D C:\rsit
2015-08-26 20:28 - 2015-08-26 20:28 - 01222144 _____ C:\Users\Ondřej\Desktop\RSITx64.exe
2015-08-26 20:23 - 2015-08-26 20:23 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2015-08-26 20:23 - 2015-08-26 20:23 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2015-08-26 20:19 - 2015-08-26 23:37 - 00003244 _____ C:\windows\system32\Drivers\fvstore.dat
2015-08-26 20:19 - 2015-08-26 20:19 - 00000000 ___HD C:\VTRoot
2015-08-26 20:18 - 2015-08-26 20:18 - 00003028 _____ C:\windows\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2015-08-26 20:00 - 2015-08-26 20:00 - 03704320 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 02228736 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00891904 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-08-26 20:00 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-08-26 20:00 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-08-26 19:56 - 2015-08-26 22:13 - 2412965518 _____ C:\Users\Ondřej\Downloads\Vinnetou-_-Winnetou-I-1963,-CZ.mkv.part
2015-08-05 22:12 - 2015-08-05 23:07 - 998987160 _____ C:\Users\Ondřej\Downloads\Cirkus-Humberto---7.Konkurence.avi
2015-08-02 21:14 - 2015-08-02 21:23 - 00000000 ____D C:\Users\Ondřej\Downloads\The Office (UK) Series 1 + 2 Christmas Specials And Extras
2015-08-02 21:13 - 2015-08-02 21:13 - 00047758 _____ C:\Users\Ondřej\Downloads\[kat.cr]the.office.series.1.2.christmas.specials.and.extras.uk.torrent
2015-08-02 21:10 - 2015-08-02 21:22 - 00000000 ____D C:\Users\Ondřej\Downloads\The.IT.Crowd.The.Internet.is.Coming.720p.WEB-DL.AAC.2.0.H.264-Positive [PublicHD]
2015-08-02 18:28 - 2015-08-02 18:28 - 00040960 _____ (vbAccelerator) C:\windows\SysWOW64\ssubtmr6.dll
2015-08-02 18:28 - 2015-08-02 18:28 - 00036864 _____ (Robdogg Inc.) C:\windows\SysWOW64\trayicon_handler.ocx
2015-08-02 18:27 - 2015-08-02 18:28 - 12951423 _____ (Dennis Meuwissen ) C:\Users\Ondřej\Downloads\dvdflick_setup_1.3.0.7.exe
2015-08-02 16:18 - 2015-08-02 17:24 - 00000000 ____D C:\Users\Ondřej\Downloads\Black Books Series 1-3 +Extras (SUBS-EN) DVD-RIP x264-S4L
2015-08-02 09:27 - 2015-08-03 21:26 - 00042496 ___SH C:\Users\Ondřej\Downloads\Thumbs.db
2015-08-02 09:25 - 2015-08-02 09:25 - 00052383 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E05.HDTV.x264-ASAP.srt
2015-08-02 09:25 - 2015-08-02 09:25 - 00048473 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E03.HDTV.x264-ASAP.srt
2015-08-02 09:25 - 2015-08-02 09:25 - 00034322 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E06.HDTV.x264-KILLERS.srt
2015-08-02 09:24 - 2015-08-02 09:24 - 00043748 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E04.HDTV.x264-ASAP.srt
2015-08-02 09:22 - 2015-08-02 09:22 - 00051995 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E02.HDTV.x264-ASAP.srt
2015-08-02 09:22 - 2015-08-02 09:22 - 00041374 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E01.HDTV.x264-KILLERS.srt
2015-08-02 09:19 - 2015-08-02 09:18 - 375010225 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E06.HDTV.x264-KILLERS.mp4
2015-08-02 09:19 - 2015-08-02 09:17 - 386767635 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E04.HDTV.x264-ASAP.mp4
2015-08-02 09:19 - 2015-08-02 09:17 - 342306904 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E05.HDTV.x264-ASAP.mp4
2015-08-02 09:19 - 2015-08-02 09:16 - 336767297 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E03.HDTV.x264-ASAP.mp4
2015-08-02 09:19 - 2015-08-02 09:15 - 325581650 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E02.HDTV.x264-ASAP.mp4
2015-08-02 09:18 - 2015-08-02 09:16 - 412224492 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E01.HDTV.x264-KILLERS.mp4
2015-08-01 17:05 - 2015-08-01 18:02 - 1005481832 _____ C:\Users\Ondřej\Downloads\Cirkus-Humberto---6.Natrvalo.avi
2015-08-01 00:23 - 2015-08-28 12:10 - 00000000 ____D C:\Games
2015-07-31 21:30 - 2015-07-31 21:30 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\WinRAR
2015-07-31 21:30 - 2015-07-31 21:30 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-31 21:30 - 2015-07-31 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-31 21:30 - 2015-07-31 21:30 - 00000000 ____D C:\Program Files\WinRAR
2015-07-31 21:30 - 2015-07-31 21:30 - 00000000 ____D C:\EarMaster Pro 6
2015-07-31 21:27 - 2015-08-02 11:16 - 00000000 ____D C:\Users\Ondřej\Downloads\EarMaster Pro 6.1.0.645PW Multilingual Portable [oddsox]
2015-07-31 20:57 - 2015-07-31 21:54 - 1007928956 _____ C:\Users\Ondřej\Downloads\Cirkus-Humberto---5.Maringotka-číslo-osm.avi
2015-07-31 19:27 - 2015-07-31 20:25 - 1008373330 _____ C:\Users\Ondřej\Downloads\Cirkus-Humberto---4.Nový-domov.avi
2015-07-31 16:53 - 2015-07-31 19:27 - 1005242032 _____ C:\Users\Ondřej\Downloads\Cirkus-Humberto---3.Carlo-se-loučí.avi
2015-07-31 14:16 - 2015-07-31 14:57 - 734271488 _____ C:\Users\Ondřej\Downloads\Cirkus-Humberto-2-Nabídka-ke-sňatku.avi
2015-07-30 21:53 - 2015-07-30 21:53 - 00000000 ____D C:\Users\Ondřej\Downloads\DNS-320L_LW_sw_revA3_5-2-0_Storage_Utility_Win_eu_en_20150202
2015-07-30 21:35 - 2015-07-30 21:35 - 00000000 ____D C:\Users\Ondřej\Downloads\DNS-320L_sw_revA3_1-2-0-5_eu_multi_20150202
2015-07-30 21:32 - 2015-07-31 14:43 - 00000000 ____D C:\Users\Ondřej\Downloads\DNS-320L_fw_revA3_1-04b12_all_en_20150202
2015-07-30 21:18 - 2015-07-30 21:59 - 734300160 _____ C:\Users\Ondřej\Downloads\Cirkus-Humberto-1-Návrat.avi
2015-07-30 15:34 - 2015-07-30 15:34 - 00003224 _____ C:\Users\Ondřej\Desktop\CraftWorld.lnk
2015-07-29 00:34 - 2015-07-29 00:35 - 00000000 ____D C:\Users\Ondřej\Downloads\How It Works Book of Incredible Earth (3rd Revised Edition)
2015-07-29 00:33 - 2015-07-31 21:58 - 00000000 ____D C:\Users\Ondřej\Downloads\Kings.Quest.Chapter.1-CODEX
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-28 23:02 - 2015-07-28 00:38 - 00007629 _____ C:\windows\setupact.log
2015-08-28 23:00 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\sru
2015-08-28 22:56 - 2015-03-25 02:43 - 00000000 ____D C:\ProgramData\Lenovo
2015-08-28 22:53 - 2015-07-20 23:51 - 00000000 ___RD C:\Users\Ondřej\Disk Google
2015-08-28 22:53 - 2015-07-20 16:28 - 00000000 ____D C:\Users\Ondřej\OneDrive
2015-08-28 22:52 - 2015-07-27 23:45 - 00000952 _____ C:\windows\lupdate.log
2015-08-28 22:52 - 2015-07-20 21:17 - 00000970 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-28 22:51 - 2015-03-25 02:29 - 00016979 _____ C:\windows\SysWOW64\Gms.log
2015-08-28 15:53 - 2015-03-25 02:10 - 00965776 _____ C:\windows\system32\perfh005.dat
2015-08-28 15:53 - 2015-03-25 02:10 - 00232044 _____ C:\windows\system32\perfc005.dat
2015-08-28 15:53 - 2014-03-18 11:53 - 02058428 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-28 15:49 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-28 15:49 - 2013-08-22 16:44 - 05157752 _____ C:\windows\system32\FNTCACHE.DAT
2015-08-28 15:47 - 2015-07-20 16:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-28 15:47 - 2015-03-25 03:11 - 00004608 _____ C:\windows\system32\VfService.trf
2015-08-28 15:46 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-28 15:46 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-28 15:46 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-28 15:46 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-28 15:45 - 2015-03-25 02:24 - 01074018 _____ C:\Users\Public\CAFADEBUG.log
2015-08-28 15:28 - 2015-07-20 21:17 - 00000974 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-28 15:16 - 2015-07-27 23:09 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-28 12:50 - 2015-07-20 16:33 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3150350679-1446840329-1987453535-1001
2015-08-28 12:23 - 2015-07-20 21:17 - 00003946 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-28 12:23 - 2015-07-20 21:17 - 00003710 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-28 12:10 - 2015-03-25 02:03 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-28 11:56 - 2015-07-20 16:29 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Adobe
2015-08-28 11:49 - 2015-07-20 23:47 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-27 16:41 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp
2015-08-27 16:40 - 2015-07-20 18:46 - 00000000 ____D C:\windows\system32\MRT
2015-08-27 16:28 - 2015-07-20 18:46 - 132483416 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-08-27 14:32 - 2010-05-18 16:55 - 00119584 _____ (Apple Inc.) C:\windows\system32\dns-sd.exe
2015-08-27 14:32 - 2010-05-18 16:35 - 00107808 _____ (Apple Inc.) C:\windows\SysWOW64\dns-sd.exe
2015-08-27 14:23 - 2015-03-25 01:19 - 00049434 _____ C:\windows\DPINST.LOG
2015-08-27 12:43 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-27 12:43 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-27 12:07 - 2014-04-03 21:15 - 00000000 ____D C:\windows\Panther
2015-08-27 11:47 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-27 10:46 - 2015-07-20 16:47 - 00000000 ____D C:\ProgramData\Stardock
2015-08-27 10:33 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\BBI
2015-08-27 10:32 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-08-27 10:32 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-27 10:21 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\NDF
2015-08-26 23:36 - 2015-07-20 19:33 - 00000000 ____D C:\windows\system32\appraiser
2015-08-26 23:36 - 2015-03-25 01:58 - 00000000 ___SD C:\windows\system32\CompatTel
2015-08-26 23:35 - 2015-07-20 21:04 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\vlc
2015-08-26 20:39 - 2015-03-25 02:44 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-08-26 20:39 - 2015-03-25 02:43 - 00000000 ____D C:\Program Files\Lenovo
2015-08-26 20:31 - 2015-07-20 16:21 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\LSC
2015-08-26 20:30 - 2015-03-25 03:10 - 00000000 ____D C:\windows\System32\Tasks\Lenovo
2015-08-26 20:27 - 2015-03-25 03:10 - 00000000 ____D C:\windows\Downloaded Installations
2015-08-26 20:25 - 2015-07-20 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-26 20:24 - 2015-07-24 11:44 - 00000021 _____ C:\ProgramData\settings.cfg
2015-08-26 20:16 - 2015-07-27 23:09 - 00003802 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-08-26 20:03 - 2015-07-20 17:41 - 00003826 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1437406874
2015-08-26 20:03 - 2015-07-20 17:40 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-26 20:02 - 2015-07-20 17:41 - 00001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-26 19:54 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness
2015-08-05 02:31 - 2015-06-05 14:36 - 00827632 _____ (COMODO) C:\windows\system32\Drivers\cmdguard.sys
2015-08-05 02:31 - 2015-06-05 14:36 - 00127232 _____ (COMODO) C:\windows\system32\Drivers\inspect.sys
2015-08-05 02:31 - 2015-06-05 14:36 - 00035056 _____ (COMODO) C:\windows\system32\Drivers\cmdhlp.sys
2015-08-05 02:31 - 2015-06-05 14:36 - 00021720 _____ (COMODO) C:\windows\system32\Drivers\cmderd.sys
2015-08-05 02:29 - 2015-06-05 14:34 - 00579408 _____ (COMODO) C:\windows\system32\guard64.dll
2015-08-05 02:29 - 2015-06-05 14:34 - 00445472 _____ (COMODO) C:\windows\SysWOW64\guard32.dll
2015-08-05 02:29 - 2015-06-05 14:34 - 00041224 _____ (COMODO) C:\windows\system32\cmdcsr.dll
2015-08-05 02:28 - 2015-06-05 14:33 - 00358080 _____ (COMODO) C:\windows\system32\cmdvrt64.dll
2015-08-05 02:28 - 2015-06-05 14:32 - 00045760 _____ (COMODO) C:\windows\system32\cmdkbd64.dll
2015-08-05 02:27 - 2015-06-05 14:31 - 00288448 _____ (COMODO) C:\windows\SysWOW64\cmdvrt32.dll
2015-08-05 02:26 - 2015-06-05 14:31 - 00040640 _____ (COMODO) C:\windows\SysWOW64\cmdkbd32.dll
2015-08-02 22:34 - 2015-07-20 17:55 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\uTorrent
2015-08-02 08:27 - 2015-07-20 16:41 - 00002326 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
==================== Files in the root of some directories =======
2015-07-22 12:30 - 2015-07-22 13:03 - 0001480 _____ () C:\Users\Ondřej\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-03-25 02:23 - 2015-03-25 02:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-07-24 11:44 - 2015-08-26 20:24 - 0000021 _____ () C:\ProgramData\settings.cfg
Some files in TEMP:
====================
C:\Users\Ondřej\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 8.0 (Disabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: COMODO Firewall (Disabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Ondřej\Desktop" je 7 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-08-2015
Ran by Ondřej (administrator) on ONDREJ (28-08-2015 23:10:25)
Running from C:\Users\Ondřej\Desktop
Loaded Profiles: Ondřej (Available Profiles: Ondřej)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FBService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Lenovo) C:\Windows\System32\LenovoUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Users\Ondřej\AppData\Local\Apps\2.0\E3CEQ2Z0.2J2\KZQ0ETDD.T46\lsb...tion_91a10ba61c75c82d_0001.0004_53146ffb7155a994\LSB.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(forum.viry.cz) C:\Users\Ondřej\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-09] (Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2809072 2014-10-21] (Synaptics Incorporated)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [4060376 2014-10-22] (Realtek semiconductor)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791368 2015-03-25] ()
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [802800 2015-03-25] (Lenovo)
HKLM\...\Run: [OneKeyOptimizer] => C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [605992 2015-07-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-01-28] (ESET)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-05] (COMODO)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-05-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.)
HKLM\...\Policies\Explorer: [Max Cached Icons] 2000
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22344224 2015-08-26] (Google)
Startup: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-07-20]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{488BC3FC-E1F1-49E4-AC08-347319CB48E6}: [DhcpNameServer] 213.46.172.36 213.46.172.37
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-26] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-26] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Extension: Disconnect - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\2.0@disconnect.me.xpi [2015-07-20]
FF Extension: YouTube Enhancer Plus - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\firefoxaddon@youtubeenhancer.com.xpi [2015-07-20]
FF Extension: Translate This! - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2015-07-21]
FF Extension: Lightbeam - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-07-20]
FF Extension: Clearly - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\readable@evernote.com.xpi [2015-07-20]
FF Extension: Send to Kindle for Mozilla Firefox - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\sendtokindle@amazon.com.xpi [2015-07-20]
FF Extension: NoScript - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-07-20]
FF Extension: Adblock Plus - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-20]
FF Extension: Evernote Web Clipper - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-07-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-07-20]
FF Extension: No Name - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\sendtokindle@amazon.com.xpi [not found]
FF Extension: No Name - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\readable@evernote.com.xpi [not found]
FF Extension: No Name - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\firefoxaddon@youtubeenhancer.com.xpi [not found]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-08-05] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-05] (COMODO)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [191000 2015-07-20] (Lenovo)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1122744 2015-06-01] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-09] (Intel Corporation)
R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-14] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-07-20] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2742568 2015-07-20] (Lenovo(beijing) Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
R2 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2015-03-25] ()
R3 LenovoUpdate; C:\Windows\System32\LenovoUpdate.exe [26608 2015-07-20] (Lenovo)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424 2015-08-26] (Lenovo)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-07-20] ()
R2 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [359208 2015-07-20] (Lenovo(beijing) Limited)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2015-03-25] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2015-03-25] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-06-12] (Stardock Software, Inc)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-10-21] (Synaptics Incorporated)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2015-03-25] ()
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-08-27] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-08-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-07-20] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21720 2015-08-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [827632 2015-08-05] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-08-05] (COMODO)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [159480 2015-03-10] (ESET)
R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70168 2015-07-20] (Windows (R) Win 7 DDK provider)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [219592 2014-08-14] (Intel Corporation)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127232 2015-08-05] (COMODO)
R3 KMDFVirtualKbd; C:\Windows\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-05] ()
R3 KMDFVirtualMouse; C:\Windows\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-05] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3494680 2014-12-08] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [2584280 2014-10-22] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-10-21] (Synaptics Incorporated)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-28 23:10 - 2015-08-28 23:11 - 00024146 _____ C:\Users\Ondřej\Desktop\FRST.txt
2015-08-28 23:10 - 2015-08-28 23:10 - 00000000 ____D C:\FRST
2015-08-28 23:08 - 2015-08-28 23:08 - 00112640 _____ (forum.viry.cz) C:\Users\Ondřej\Desktop\FRSTLauncher.exe
2015-08-28 13:25 - 2015-08-28 14:14 - 857143556 _____ C:\Users\Ondřej\Downloads\Vinnetou---Rudý-gentleman-1964-CZdabing-DVDRip.avi
2015-08-28 12:10 - 2015-08-28 15:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-28 11:41 - 2015-08-28 11:41 - 02186752 _____ (Farbar) C:\Users\Ondřej\Desktop\FRST64.exe
2015-08-27 14:32 - 2015-08-27 14:33 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\com.wd.WDMyCloud
2015-08-27 14:32 - 2015-08-27 14:32 - 00001180 _____ C:\Users\Public\Desktop\WD My Cloud.lnk
2015-08-27 14:32 - 2015-08-27 14:32 - 00000000 ____D C:\ProgramData\Apple
2015-08-27 14:32 - 2015-08-27 14:32 - 00000000 ____D C:\Program Files\Bonjour
2015-08-27 14:32 - 2015-08-27 14:32 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-27 14:29 - 2015-08-27 14:30 - 63831744 _____ C:\Users\Ondřej\Downloads\WDMyCloud_win.exe
2015-08-27 14:26 - 2015-08-27 14:32 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Western Digital
2015-08-27 14:23 - 2015-08-27 14:40 - 252879338 _____ C:\Users\Ondřej\Downloads\Zabelov Group - Secret Session.zip
2015-08-27 14:23 - 2015-08-27 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2015-08-27 14:23 - 2015-08-27 14:23 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Western_Digital_Technolog
2015-08-27 14:22 - 2015-08-28 11:54 - 00000000 ____D C:\ProgramData\Western Digital
2015-08-27 14:22 - 2015-08-28 11:54 - 00000000 ____D C:\Program Files\Common Files\Western Digital
2015-08-27 14:22 - 2015-08-28 11:54 - 00000000 ____D C:\Program Files (x86)\Western Digital
2015-08-27 14:16 - 2015-08-27 14:16 - 41943883 _____ C:\Users\Ondřej\Downloads\WD_SmartWare_Installer_2.4.12.1.zip
2015-08-27 12:44 - 2015-08-27 12:44 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-27 12:44 - 2015-08-27 12:44 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-27 11:31 - 2015-08-28 11:40 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-27 11:30 - 2015-08-27 11:30 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-27 11:30 - 2015-08-27 11:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-27 11:30 - 2015-08-27 11:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-27 11:30 - 2015-08-27 11:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-27 11:30 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-08-27 11:30 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-08-27 11:30 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-08-27 11:28 - 2015-08-27 11:28 - 00000000 ____D C:\Users\Ondřej\Desktop\CrystalDiskInfo5_0_0
2015-08-27 10:42 - 2015-08-27 10:42 - 04177408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-08-27 10:42 - 2015-08-27 10:42 - 02529880 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 02345472 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 01994752 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 01901776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 01559552 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 01556992 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 01381888 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 00358912 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 00301568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 00044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-08-27 10:42 - 2015-08-27 10:42 - 00035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 25192448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 19870208 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 14451200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 12856832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 05923328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 02880000 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 02427904 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-08-27 10:38 - 2015-08-27 10:38 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 01048576 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-08-27 10:38 - 2015-08-27 10:38 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-08-27 10:38 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-08-27 10:38 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-08-27 10:37 - 2015-08-27 10:37 - 07458648 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-08-27 10:37 - 2015-08-27 10:37 - 07032320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-08-27 10:37 - 2015-08-27 10:37 - 06213120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-08-27 10:37 - 2015-08-27 10:37 - 01735000 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-08-27 10:37 - 2015-08-27 10:37 - 01499920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-08-27 10:37 - 2015-08-27 10:37 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-08-27 10:37 - 2015-08-27 10:37 - 01101824 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-08-27 10:37 - 2015-08-27 10:37 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-08-27 10:37 - 2015-08-27 10:37 - 00101720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-08-27 10:30 - 2015-08-27 10:32 - 00000000 ____D C:\AdwCleaner
2015-08-27 10:30 - 2015-08-27 10:30 - 00270168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2015-08-27 10:30 - 2015-08-27 10:30 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-08-27 10:30 - 2015-08-27 10:30 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-08-27 10:30 - 2015-08-27 10:30 - 00221184 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-08-27 10:30 - 2015-08-27 10:30 - 00212992 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2015-08-27 10:30 - 2015-08-27 10:30 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2015-08-27 10:30 - 2015-08-27 10:30 - 00114520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdNisDrv.sys
2015-08-27 10:30 - 2015-08-27 10:30 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-08-27 10:30 - 2015-08-27 10:30 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2015-08-27 10:30 - 2015-08-27 10:30 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-08-27 10:30 - 2015-08-27 10:30 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-08-27 10:30 - 2015-08-27 10:30 - 00044560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2015-08-27 10:29 - 2015-08-27 10:29 - 01618432 _____ C:\Users\Ondřej\Desktop\adwcleaner_5.004.exe
2015-08-26 23:40 - 2015-08-28 15:45 - 01458419 _____ C:\windows\WindowsUpdate.log
2015-08-26 23:37 - 2015-08-28 15:47 - 00173924 _____ C:\windows\PFRO.log
2015-08-26 21:53 - 2015-08-26 21:53 - 18823680 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2015-08-26 21:53 - 2015-08-26 21:53 - 15159296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-26 21:53 - 2015-06-09 20:27 - 00411133 _____ C:\windows\system32\ApnDatabase.xml
2015-08-26 21:52 - 2015-08-26 21:52 - 02476376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2015-08-26 21:52 - 2015-08-26 21:52 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 01116160 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 01113944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2015-08-26 21:52 - 2015-08-26 21:52 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 00743424 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 00487256 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 00437248 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 00428888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2015-08-26 21:52 - 2015-08-26 21:52 - 00393560 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-08-26 21:52 - 2015-08-26 21:52 - 00025776 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-08-26 20:30 - 2015-08-26 20:30 - 00002018 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2015-08-26 20:29 - 2015-08-28 23:04 - 00000000 ____D C:\Program Files\trend micro
2015-08-26 20:29 - 2015-08-26 20:29 - 00000000 ____D C:\rsit
2015-08-26 20:28 - 2015-08-26 20:28 - 01222144 _____ C:\Users\Ondřej\Desktop\RSITx64.exe
2015-08-26 20:23 - 2015-08-26 20:23 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2015-08-26 20:23 - 2015-08-26 20:23 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2015-08-26 20:19 - 2015-08-26 23:37 - 00003244 _____ C:\windows\system32\Drivers\fvstore.dat
2015-08-26 20:19 - 2015-08-26 20:19 - 00000000 ___HD C:\VTRoot
2015-08-26 20:18 - 2015-08-26 20:18 - 00003028 _____ C:\windows\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2015-08-26 20:00 - 2015-08-26 20:00 - 03704320 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 02228736 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00891904 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-08-26 20:00 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-08-26 20:00 - 2015-08-26 20:00 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-08-26 20:00 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-08-26 19:56 - 2015-08-26 22:13 - 2412965518 _____ C:\Users\Ondřej\Downloads\Vinnetou-_-Winnetou-I-1963,-CZ.mkv.part
2015-08-05 22:12 - 2015-08-05 23:07 - 998987160 _____ C:\Users\Ondřej\Downloads\Cirkus-Humberto---7.Konkurence.avi
2015-08-02 21:14 - 2015-08-02 21:23 - 00000000 ____D C:\Users\Ondřej\Downloads\The Office (UK) Series 1 + 2 Christmas Specials And Extras
2015-08-02 21:13 - 2015-08-02 21:13 - 00047758 _____ C:\Users\Ondřej\Downloads\[kat.cr]the.office.series.1.2.christmas.specials.and.extras.uk.torrent
2015-08-02 21:10 - 2015-08-02 21:22 - 00000000 ____D C:\Users\Ondřej\Downloads\The.IT.Crowd.The.Internet.is.Coming.720p.WEB-DL.AAC.2.0.H.264-Positive [PublicHD]
2015-08-02 18:28 - 2015-08-02 18:28 - 00040960 _____ (vbAccelerator) C:\windows\SysWOW64\ssubtmr6.dll
2015-08-02 18:28 - 2015-08-02 18:28 - 00036864 _____ (Robdogg Inc.) C:\windows\SysWOW64\trayicon_handler.ocx
2015-08-02 18:27 - 2015-08-02 18:28 - 12951423 _____ (Dennis Meuwissen ) C:\Users\Ondřej\Downloads\dvdflick_setup_1.3.0.7.exe
2015-08-02 16:18 - 2015-08-02 17:24 - 00000000 ____D C:\Users\Ondřej\Downloads\Black Books Series 1-3 +Extras (SUBS-EN) DVD-RIP x264-S4L
2015-08-02 09:27 - 2015-08-03 21:26 - 00042496 ___SH C:\Users\Ondřej\Downloads\Thumbs.db
2015-08-02 09:25 - 2015-08-02 09:25 - 00052383 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E05.HDTV.x264-ASAP.srt
2015-08-02 09:25 - 2015-08-02 09:25 - 00048473 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E03.HDTV.x264-ASAP.srt
2015-08-02 09:25 - 2015-08-02 09:25 - 00034322 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E06.HDTV.x264-KILLERS.srt
2015-08-02 09:24 - 2015-08-02 09:24 - 00043748 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E04.HDTV.x264-ASAP.srt
2015-08-02 09:22 - 2015-08-02 09:22 - 00051995 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E02.HDTV.x264-ASAP.srt
2015-08-02 09:22 - 2015-08-02 09:22 - 00041374 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E01.HDTV.x264-KILLERS.srt
2015-08-02 09:19 - 2015-08-02 09:18 - 375010225 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E06.HDTV.x264-KILLERS.mp4
2015-08-02 09:19 - 2015-08-02 09:17 - 386767635 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E04.HDTV.x264-ASAP.mp4
2015-08-02 09:19 - 2015-08-02 09:17 - 342306904 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E05.HDTV.x264-ASAP.mp4
2015-08-02 09:19 - 2015-08-02 09:16 - 336767297 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E03.HDTV.x264-ASAP.mp4
2015-08-02 09:19 - 2015-08-02 09:15 - 325581650 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E02.HDTV.x264-ASAP.mp4
2015-08-02 09:18 - 2015-08-02 09:16 - 412224492 _____ C:\Users\Ondřej\Downloads\True.Detective.S02E01.HDTV.x264-KILLERS.mp4
2015-08-01 17:05 - 2015-08-01 18:02 - 1005481832 _____ C:\Users\Ondřej\Downloads\Cirkus-Humberto---6.Natrvalo.avi
2015-08-01 00:23 - 2015-08-28 12:10 - 00000000 ____D C:\Games
2015-07-31 21:30 - 2015-07-31 21:30 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\WinRAR
2015-07-31 21:30 - 2015-07-31 21:30 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-31 21:30 - 2015-07-31 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-31 21:30 - 2015-07-31 21:30 - 00000000 ____D C:\Program Files\WinRAR
2015-07-31 21:30 - 2015-07-31 21:30 - 00000000 ____D C:\EarMaster Pro 6
2015-07-31 21:27 - 2015-08-02 11:16 - 00000000 ____D C:\Users\Ondřej\Downloads\EarMaster Pro 6.1.0.645PW Multilingual Portable [oddsox]
2015-07-31 20:57 - 2015-07-31 21:54 - 1007928956 _____ C:\Users\Ondřej\Downloads\Cirkus-Humberto---5.Maringotka-číslo-osm.avi
2015-07-31 19:27 - 2015-07-31 20:25 - 1008373330 _____ C:\Users\Ondřej\Downloads\Cirkus-Humberto---4.Nový-domov.avi
2015-07-31 16:53 - 2015-07-31 19:27 - 1005242032 _____ C:\Users\Ondřej\Downloads\Cirkus-Humberto---3.Carlo-se-loučí.avi
2015-07-31 14:16 - 2015-07-31 14:57 - 734271488 _____ C:\Users\Ondřej\Downloads\Cirkus-Humberto-2-Nabídka-ke-sňatku.avi
2015-07-30 21:53 - 2015-07-30 21:53 - 00000000 ____D C:\Users\Ondřej\Downloads\DNS-320L_LW_sw_revA3_5-2-0_Storage_Utility_Win_eu_en_20150202
2015-07-30 21:35 - 2015-07-30 21:35 - 00000000 ____D C:\Users\Ondřej\Downloads\DNS-320L_sw_revA3_1-2-0-5_eu_multi_20150202
2015-07-30 21:32 - 2015-07-31 14:43 - 00000000 ____D C:\Users\Ondřej\Downloads\DNS-320L_fw_revA3_1-04b12_all_en_20150202
2015-07-30 21:18 - 2015-07-30 21:59 - 734300160 _____ C:\Users\Ondřej\Downloads\Cirkus-Humberto-1-Návrat.avi
2015-07-30 15:34 - 2015-07-30 15:34 - 00003224 _____ C:\Users\Ondřej\Desktop\CraftWorld.lnk
2015-07-29 00:34 - 2015-07-29 00:35 - 00000000 ____D C:\Users\Ondřej\Downloads\How It Works Book of Incredible Earth (3rd Revised Edition)
2015-07-29 00:33 - 2015-07-31 21:58 - 00000000 ____D C:\Users\Ondřej\Downloads\Kings.Quest.Chapter.1-CODEX
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-28 23:02 - 2015-07-28 00:38 - 00007629 _____ C:\windows\setupact.log
2015-08-28 23:00 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\sru
2015-08-28 22:56 - 2015-03-25 02:43 - 00000000 ____D C:\ProgramData\Lenovo
2015-08-28 22:53 - 2015-07-20 23:51 - 00000000 ___RD C:\Users\Ondřej\Disk Google
2015-08-28 22:53 - 2015-07-20 16:28 - 00000000 ____D C:\Users\Ondřej\OneDrive
2015-08-28 22:52 - 2015-07-27 23:45 - 00000952 _____ C:\windows\lupdate.log
2015-08-28 22:52 - 2015-07-20 21:17 - 00000970 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-28 22:51 - 2015-03-25 02:29 - 00016979 _____ C:\windows\SysWOW64\Gms.log
2015-08-28 15:53 - 2015-03-25 02:10 - 00965776 _____ C:\windows\system32\perfh005.dat
2015-08-28 15:53 - 2015-03-25 02:10 - 00232044 _____ C:\windows\system32\perfc005.dat
2015-08-28 15:53 - 2014-03-18 11:53 - 02058428 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-28 15:49 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-28 15:49 - 2013-08-22 16:44 - 05157752 _____ C:\windows\system32\FNTCACHE.DAT
2015-08-28 15:47 - 2015-07-20 16:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-28 15:47 - 2015-03-25 03:11 - 00004608 _____ C:\windows\system32\VfService.trf
2015-08-28 15:46 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-28 15:46 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-28 15:46 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-28 15:46 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-28 15:45 - 2015-03-25 02:24 - 01074018 _____ C:\Users\Public\CAFADEBUG.log
2015-08-28 15:28 - 2015-07-20 21:17 - 00000974 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-28 15:16 - 2015-07-27 23:09 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-28 12:50 - 2015-07-20 16:33 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3150350679-1446840329-1987453535-1001
2015-08-28 12:23 - 2015-07-20 21:17 - 00003946 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-28 12:23 - 2015-07-20 21:17 - 00003710 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-28 12:10 - 2015-03-25 02:03 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-28 11:56 - 2015-07-20 16:29 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Adobe
2015-08-28 11:49 - 2015-07-20 23:47 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-27 16:41 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp
2015-08-27 16:40 - 2015-07-20 18:46 - 00000000 ____D C:\windows\system32\MRT
2015-08-27 16:28 - 2015-07-20 18:46 - 132483416 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-08-27 14:32 - 2010-05-18 16:55 - 00119584 _____ (Apple Inc.) C:\windows\system32\dns-sd.exe
2015-08-27 14:32 - 2010-05-18 16:35 - 00107808 _____ (Apple Inc.) C:\windows\SysWOW64\dns-sd.exe
2015-08-27 14:23 - 2015-03-25 01:19 - 00049434 _____ C:\windows\DPINST.LOG
2015-08-27 12:43 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-27 12:43 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-27 12:07 - 2014-04-03 21:15 - 00000000 ____D C:\windows\Panther
2015-08-27 11:47 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-27 10:46 - 2015-07-20 16:47 - 00000000 ____D C:\ProgramData\Stardock
2015-08-27 10:33 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\BBI
2015-08-27 10:32 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-08-27 10:32 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-27 10:21 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\NDF
2015-08-26 23:36 - 2015-07-20 19:33 - 00000000 ____D C:\windows\system32\appraiser
2015-08-26 23:36 - 2015-03-25 01:58 - 00000000 ___SD C:\windows\system32\CompatTel
2015-08-26 23:35 - 2015-07-20 21:04 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\vlc
2015-08-26 20:39 - 2015-03-25 02:44 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-08-26 20:39 - 2015-03-25 02:43 - 00000000 ____D C:\Program Files\Lenovo
2015-08-26 20:31 - 2015-07-20 16:21 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\LSC
2015-08-26 20:30 - 2015-03-25 03:10 - 00000000 ____D C:\windows\System32\Tasks\Lenovo
2015-08-26 20:27 - 2015-03-25 03:10 - 00000000 ____D C:\windows\Downloaded Installations
2015-08-26 20:25 - 2015-07-20 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-26 20:24 - 2015-07-24 11:44 - 00000021 _____ C:\ProgramData\settings.cfg
2015-08-26 20:16 - 2015-07-27 23:09 - 00003802 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-08-26 20:03 - 2015-07-20 17:41 - 00003826 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1437406874
2015-08-26 20:03 - 2015-07-20 17:40 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-26 20:02 - 2015-07-20 17:41 - 00001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-26 19:54 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness
2015-08-05 02:31 - 2015-06-05 14:36 - 00827632 _____ (COMODO) C:\windows\system32\Drivers\cmdguard.sys
2015-08-05 02:31 - 2015-06-05 14:36 - 00127232 _____ (COMODO) C:\windows\system32\Drivers\inspect.sys
2015-08-05 02:31 - 2015-06-05 14:36 - 00035056 _____ (COMODO) C:\windows\system32\Drivers\cmdhlp.sys
2015-08-05 02:31 - 2015-06-05 14:36 - 00021720 _____ (COMODO) C:\windows\system32\Drivers\cmderd.sys
2015-08-05 02:29 - 2015-06-05 14:34 - 00579408 _____ (COMODO) C:\windows\system32\guard64.dll
2015-08-05 02:29 - 2015-06-05 14:34 - 00445472 _____ (COMODO) C:\windows\SysWOW64\guard32.dll
2015-08-05 02:29 - 2015-06-05 14:34 - 00041224 _____ (COMODO) C:\windows\system32\cmdcsr.dll
2015-08-05 02:28 - 2015-06-05 14:33 - 00358080 _____ (COMODO) C:\windows\system32\cmdvrt64.dll
2015-08-05 02:28 - 2015-06-05 14:32 - 00045760 _____ (COMODO) C:\windows\system32\cmdkbd64.dll
2015-08-05 02:27 - 2015-06-05 14:31 - 00288448 _____ (COMODO) C:\windows\SysWOW64\cmdvrt32.dll
2015-08-05 02:26 - 2015-06-05 14:31 - 00040640 _____ (COMODO) C:\windows\SysWOW64\cmdkbd32.dll
2015-08-02 22:34 - 2015-07-20 17:55 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\uTorrent
2015-08-02 08:27 - 2015-07-20 16:41 - 00002326 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
==================== Files in the root of some directories =======
2015-07-22 12:30 - 2015-07-22 13:03 - 0001480 _____ () C:\Users\Ondřej\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-03-25 02:23 - 2015-03-25 02:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-07-24 11:44 - 2015-08-26 20:24 - 0000021 _____ () C:\ProgramData\settings.cfg
Some files in TEMP:
====================
C:\Users\Ondřej\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 8.0 (Disabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: COMODO Firewall (Disabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Ond�ej\Desktop" je 7 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Attachments
- Addition.zip
- (6.67 KiB) Downloaded 68 times
Re: Preventive check


AV: ESET NOD32 Antivirus 8.0 (Disabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: COMODO Firewall (Disabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}

Code:
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-05-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
FF Extension: No Name - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\sendtokindle@amazon.com.xpi [not found]
FF Extension: No Name - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\readable@evernote.com.xpi [not found]
FF Extension: No Name - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\firefoxaddon@youtubeenhancer.com.xpi [not found]
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-20 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-26 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-20 144200]
Hosts:
EmptyTemp:
Reboot:
End
Click Save as...
Type the red name fixlist correctly and save it to the desktop.
Turn off the antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will execute the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
For time reasons I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).
Re: Preventive check
Thanks,
I turned Comodo Firewall off only as a test because it would not let me run FRST. With ESET, unfortunately, I am waiting until I have the money to renew the license.
By the way, this may be a bit off topic, but do you think it is better to use Eset NOD + Comodo Firewall (free) or ESET Smart Security with its own firewall? Thanks
Fix result of Farbar Recovery Scan Tool (x64) Version:27-08-2015
Ran by Ondřej (2015-08-29 09:45:43) Run:1
Running from C:\Users\Ondřej\Desktop
Loaded Profiles: Ondřej (Available Profiles: Ondřej)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-05-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
FF Extension: No Name - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\sendtokindle@amazon.com.xpi [not found]
FF Extension: No Name - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\readable@evernote.com.xpi [not found]
FF Extension: No Name - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\firefoxaddon@youtubeenhancer.com.xpi [not found]
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-20 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-26 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-20 144200]
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCEPServiceManager => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value removed successfully
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-3150350679-1446840329-1987453535-1001\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value removed successfully
C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\sendtokindle@amazon.com.xpi => path removed successfully
C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\readable@evernote.com.xpi => path removed successfully
C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\tcmh4g0s.default\extensions\firefoxaddon@youtubeenhancer.com.xpi => path removed successfully
C:\windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
AdobeARMservice => service removed successfully
gupdate => service removed successfully
SkypeUpdate => service removed successfully
AdobeFlashPlayerUpdateSvc => service removed successfully
gupdatem => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 3.4 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 09:47:22 ====
Re: Preventive check
Having an AV that is not updated is not exactly a good solution. Better to uninstall it, and until you buy it, put some free AV on there.
I would probably prefer the complete package, that is ESET Smart Security. But I cannot judge which is really better; on this, everyone has their own opinion.
Run all of these programs, including any installer, as administrator (right-click them and choose Run as administrator).
Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, clear the checkbox.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it checked, it will be emptied every time.
Also, depending on how it is set, it will delete all passwords saved on the net!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.).
Click Analyze, and when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; if it finds any, click Fix issues. It will offer you a backup; make it and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has several user accounts, use the program in them too.)
Defragment the disk(s) (not SSDs!)
Download Defraggler https://www.piriform.com/defraggler/download/standard
During installation, again watch out for the toolbar and other junk.
After installing, run the program and click Analyze; after the analysis click Defrag and the program will do its job.
Then write how the PC is doing.
vyosek wrote: DelFix https://toolslib.net/downloads/finish/2/
- Download and run it
- Leave only the Remove disinfection tools option checked
- Click Run

Re: Preventive check
Thank you very much,
the laptop is faster, but I bought it about a month ago. Do you think the disk errors are grounds for a warranty claim? That is, if I come to Alza with the laptop and a printout of the disk errors, will they accept it and replace the disk? I know it is not quite an appropriate question, but maybe someone has experience with this.
Re: Preventive check
I don't know whether they would accept the warranty claim.
Is the computer working normally now? Or is it faster, but still far from normal?
0B 100 100 __0 000000000001 Počet pokusů o překalibrování
BF 100 100 __0 0000000001BB Počet udalostí zaznamenaných otřesovým senzorem
C8 100 100 __0 00000000015F Počet chyb při zápisu sektorů
Re: Preventive check
It probably runs normally; I have an SSD in my PC, so maybe it just seems slower to me.
Re: Preventive check
Post the Crystal Disk Info log in the Hardware section; someone who knows hardware better will comment on it there. It would call for gentler handling.
