Please check my log

Posted: 22 Oct 2015 07:46
by SyncMaster
Logfile of random's system information tool 1.10 (written by random/random)
Run by Ricardino at 2015-10-22 08:45:38
Microsoft Windows 10 Home
System drive C: has 381 GB (84%) free of 456 GB
Total RAM: 16296 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:45:48, on 22.10.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Programy\OpenVPN\bin\openvpn-gui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Programy\OpenVPN\bin\openvpn.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\RICARD~1\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ricardino.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll
O2 - BHO: DCA - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files (x86)\Consumer Input\InternetExplorer\dca-bho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{946e0766-5d15-455d-afbd-d7bc10d32352}: NameServer = 213.151.222.34 85.237.225.250
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Programy\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - D:\Programy\OpenVPN\bin\openvpnserv.exe
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TESHelper - Lenovo - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13924 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-954bb8c9-49bc-40af-806a-c90c4321c2b0 -SystemEventPortName:HostProcess-de5eab6b-603e-42e9-a978-54b298504e8d -IoCancelEventPortName:HostProcess-0ddb9665-ea51-49ca-af88-a4f954adff57 -NonStateChangingEventPortName:HostProcess-f9d30129-0fbb-4780-abb7-7159983ba437 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:49ee4649-d199-4fec-9064-edc49e600c54 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\spoolsv.exe
"D:\Programy\SUPERAntiSpyware\SASCORE64.EXE"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
dashost.exe {82d221d9-8cdb-4da0-8e21a1734ebf17bd}
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/Mobile Partner/UpdateDog/"
"C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe" -Embedding
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
adb fork-server server


C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
"C:\Program Files\Elantech\ETDCtrl.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
C:\WINDOWS\Explorer.EXE
\??\C:\WINDOWS\system32\conhost.exe 0x4
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe" 1 1 1 1
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
taskeng.exe {6A1E92C6-8CDC-4E49-B4C5-1AC58FAF955B}
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe" -start
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7472.0.329972396\894471751" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4256 --ignored=" --type=renderer " /prefetch:822062411

"D:\Programy\OpenVPN\bin\openvpn-gui.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding 
--disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7472.2.632635683\1096481870" --font-cache-shared-handle=2720 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding 
--disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7472.3.820805824\461595314" --font-cache-shared-handle=2752 /prefetch:673131151
openvpn --config "ipvanish-LU-Luxembourg-lux-c01.ovpn" --service 1da8000015b0 0 --log "D:\Programy\OpenVPN\log\ipvanish-LU-Luxembourg-lux-c01.log" --auth-retry interact --management 127.0.0.1 25340 stdin --management-query-passwords --management-query-proxy --management-hold
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --disable-client-side-phishing-detection 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7472.4.1959353112\567571985" --font-cache-shared-handle=4616 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --disable-client-side-phishing-detection 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7472.5.652668214\1222061040" --font-cache-shared-handle=5468 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --disable-client-side-phishing-detection 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7472.6.2087525598\845803354" --font-cache-shared-handle=6172 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="7472.7.1590676981\1478026723" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\RICARD~1\AppData\Local\Temp\jre-8u65-windows-au.exe" /installmethod=jau FAMILYUPGRADE=1
C:\WINDOWS\system32\msiexec.exe /V
taskeng.exe {4C4D7DB3-7534-4101-ACBA-A26EE5E09397}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --disable-client-side-phishing-detection 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7472.9.1328033033\682247973" --font-cache-shared-handle=5484 /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe50_ Global\UsGthrCtrlFltPipeMssGthrPipe50 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 624 628 636 8192 632
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-488808105-4097251070-3538552251-100151_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-488808105-4097251070-3538552251-100151 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"D:\Programy\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\CIMT_daily_S-1-5-21-488808105-4097251070-3538552251-1001.job - C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe /daily
C:\WINDOWS\tasks\CIMT_S-1-5-21-488808105-4097251070-3538552251-1001.job - C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
C:\WINDOWS\tasks\ConsumerInputUpdateTaskMachineCore.job - C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe /c
C:\WINDOWS\tasks\ConsumerInputUpdateTaskMachineUA.job - C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d041401ac3b372.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d091142e5862b2.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0bfa37948bd6.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25 728840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}]
Consumer Input DCA BHO - C:\Program Files (x86)\Consumer Input\InternetExplorer\dca-bho.dll [2015-08-21 844816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25 617736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-09-27 3743976]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2015-06-16 5060864]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-01-21 1179576]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-09-15 4196432]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-12-04 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-12-04 16093512]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-12-04 8235848]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EpicScale"= []
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Bloody2"=C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [2014-12-30 16294912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-10-06 597040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-22 08:45:38 ----D---- C:\rsit
2015-10-18 17:01:24 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2015-10-18 17:01:24 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2015-10-18 17:01:24 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-10-18 17:01:24 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2015-10-18 17:01:24 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2015-10-18 17:01:24 ----A---- C:\WINDOWS\SYSWOW64\CallHistoryClient.dll
2015-10-18 17:01:24 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-10-18 17:01:24 ----A---- C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-18 17:01:23 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-10-18 17:01:23 ----A---- C:\WINDOWS\system32\UserDataService.dll
2015-10-18 17:01:23 ----A---- C:\WINDOWS\system32\Unistore.dll
2015-10-18 17:01:23 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-18 17:01:23 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-18 17:01:23 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2015-10-18 17:01:23 ----A---- C:\WINDOWS\system32\Chakra.dll
2015-10-18 17:01:23 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-10-18 17:01:23 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-18 17:01:22 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-10-18 17:01:22 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-10-18 17:01:22 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-18 17:01:21 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2015-10-18 17:01:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-10-18 17:01:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-10-18 17:01:20 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2015-10-18 17:01:20 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-18 17:01:19 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-10-18 17:01:18 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-10-18 17:01:18 ----A---- C:\WINDOWS\system32\shell32.dll
2015-10-18 17:01:17 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-10-18 17:01:16 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-10-18 17:01:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-18 17:01:15 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2015-10-18 17:01:15 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-10-18 17:01:15 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-10-18 17:01:15 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-18 17:01:15 ----A---- C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-18 17:01:15 ----A---- C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-18 17:01:15 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-10-18 17:01:15 ----A---- C:\WINDOWS\system32\ChatApis.dll
2015-10-18 17:01:15 ----A---- C:\WINDOWS\system32\EmailApis.dll
2015-10-18 17:01:15 ----A---- C:\WINDOWS\system32\ContactApis.dll
2015-10-18 17:01:15 ----A---- C:\WINDOWS\system32\AppointmentApis.dll
2015-10-18 17:01:14 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2015-10-18 17:01:14 ----A---- C:\WINDOWS\SYSWOW64\PhoneCallHistoryApis.dll
2015-10-18 17:01:14 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-10-18 17:01:14 ----A---- C:\WINDOWS\SYSWOW64\ChatApis.dll
2015-10-18 17:01:14 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2015-10-18 17:01:14 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2015-10-18 17:01:14 ----A---- C:\WINDOWS\SYSWOW64\AppointmentApis.dll
2015-10-18 17:01:14 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-18 17:01:14 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-10-18 17:01:13 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-10-18 17:01:13 ----A---- C:\WINDOWS\system32\winload.exe
2015-10-18 17:01:13 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-10-18 17:01:13 ----A---- C:\WINDOWS\system32\jscript.dll
2015-10-18 17:01:12 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-10-18 17:01:12 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2015-10-18 17:01:12 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2015-10-18 17:01:11 ----A---- C:\WINDOWS\system32\winresume.exe
2015-10-18 17:01:11 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-10-18 17:01:11 ----A---- C:\WINDOWS\system32\fveapi.dll
2015-10-18 17:01:11 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-10-17 11:56:06 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2015-10-07 16:00:00 ----D---- C:\.Xilinx
2015-10-07 15:58:06 ----D---- C:\ProgramData\.cse
2015-10-07 15:57:38 ----D---- C:\Program Files (x86)\Digilent
2015-10-07 15:57:38 ----A---- C:\WINDOWS\system32\drivers\xpc4drvr.sys
2015-10-07 15:56:59 ----D---- C:\Program Files (x86)\WinPcap
2015-10-07 15:37:54 ----D---- C:\Users\Ricardino\AppData\Roaming\Xilinx
2015-10-02 04:14:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-10-01 15:30:56 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2015-10-01 15:30:55 ----A---- C:\WINDOWS\system32\windows.storage.dll
2015-10-01 15:30:55 ----A---- C:\WINDOWS\system32\mos.dll
2015-10-01 15:30:55 ----A---- C:\WINDOWS\system32\BingMaps.dll
2015-10-01 15:30:54 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2015-10-01 15:30:54 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2015-10-01 15:30:53 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 15:30:52 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 15:30:51 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 15:30:51 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 15:30:51 ----A---- C:\WINDOWS\system32\mfcore.dll
2015-10-01 15:30:50 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2015-10-01 15:30:50 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 15:30:50 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 15:30:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2015-10-01 15:30:49 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2015-10-01 15:30:49 ----A---- C:\WINDOWS\system32\wininet.dll
2015-10-01 15:30:47 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-10-01 15:30:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2015-10-01 15:30:47 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2015-10-01 15:30:47 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2015-10-01 15:30:46 ----A---- C:\WINDOWS\system32\wlansvc.dll
2015-10-01 15:30:46 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-10-01 15:30:45 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2015-10-01 15:30:45 ----A---- C:\WINDOWS\system32\winmde.dll
2015-10-01 15:30:45 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 15:30:45 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 15:30:44 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2015-10-01 15:30:44 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 15:30:44 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 15:30:44 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 15:30:44 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 15:30:43 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-10-01 15:30:43 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2015-10-01 15:30:43 ----A---- C:\WINDOWS\system32\wwansvc.dll
2015-10-01 15:30:43 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 15:30:43 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 15:30:43 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 15:30:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2015-10-01 15:30:42 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2015-10-01 15:30:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-10-01 15:30:42 ----A---- C:\WINDOWS\system32\mfsvr.dll
2015-10-01 15:30:41 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2015-10-01 15:30:41 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2015-10-01 15:30:41 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 15:30:41 ----A---- C:\WINDOWS\system32\RDXService.dll
2015-10-01 15:30:41 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 15:30:41 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 15:30:41 ----A---- C:\WINDOWS\system32\esent.dll
2015-10-01 15:30:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 15:30:40 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2015-10-01 15:30:40 ----A---- C:\WINDOWS\system32\wpx.dll
2015-10-01 15:30:40 ----A---- C:\WINDOWS\system32\mfds.dll
2015-10-01 15:30:40 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 15:30:40 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 15:30:39 ----A---- C:\WINDOWS\system32\wmpmde.dll
2015-10-01 15:30:39 ----A---- C:\WINDOWS\system32\drivers\Wdf01000.sys
2015-10-01 15:30:39 ----A---- C:\WINDOWS\system32\bisrv.dll
2015-10-01 15:30:38 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2015-10-01 15:30:38 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2015-10-01 15:30:38 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 15:30:38 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 15:30:38 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 15:30:38 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 15:30:38 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 15:30:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 15:30:37 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 15:30:37 ----A---- C:\WINDOWS\system32\NotificationController.dll
2015-10-01 15:30:37 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 15:30:36 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2015-10-01 15:30:36 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2015-10-01 15:30:36 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2015-10-01 15:30:36 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 15:30:36 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 15:30:35 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2015-10-01 15:30:35 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2015-10-01 15:30:35 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2015-10-01 15:30:35 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2015-10-01 15:30:35 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 15:30:35 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 15:30:35 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 15:30:35 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 15:30:35 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-10-01 15:30:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2015-10-01 15:30:34 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2015-10-01 15:30:34 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2015-10-01 15:30:34 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2015-10-01 15:30:34 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 15:30:34 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 15:30:34 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 15:30:33 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2015-10-01 15:30:33 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2015-10-01 15:30:33 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 15:30:33 ----A---- C:\WINDOWS\system32\ncsi.dll
2015-10-01 15:30:33 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2015-10-01 15:30:33 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2015-10-01 15:30:32 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2015-10-01 15:30:32 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 15:30:32 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 15:30:32 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 15:30:32 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 15:30:32 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 15:30:32 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-10-01 15:30:32 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2015-10-01 15:30:32 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 15:30:32 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 15:30:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 15:30:31 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 15:30:31 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2015-10-01 15:30:31 ----A---- C:\WINDOWS\system32\psmsrv.dll
2015-10-01 15:30:31 ----A---- C:\WINDOWS\system32\provengine.dll
2015-10-01 15:30:31 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 15:30:31 ----A---- C:\WINDOWS\system32\mf.dll
2015-10-01 15:30:31 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 15:30:31 ----A---- C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 15:30:30 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2015-10-01 15:30:30 ----A---- C:\WINDOWS\system32\wwanconn.dll
2015-10-01 15:30:30 ----A---- C:\WINDOWS\system32\wuuhext.dll
2015-10-01 15:30:30 ----A---- C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 15:30:30 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 15:30:30 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2015-10-01 15:30:29 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 15:30:29 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 15:30:29 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 15:30:29 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 15:30:29 ----A---- C:\WINDOWS\system32\pnidui.dll
2015-10-01 15:30:29 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 15:30:29 ----A---- C:\WINDOWS\system32\mfps.dll
2015-10-01 15:30:29 ----A---- C:\WINDOWS\system32\MapsStore.dll
2015-10-01 15:30:29 ----A---- C:\WINDOWS\system32\cloudAP.dll
2015-10-01 15:30:28 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2015-10-01 15:30:28 ----A---- C:\WINDOWS\system32\omadmclient.exe
2015-10-01 15:30:28 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 15:30:28 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 15:30:28 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2015-10-01 15:30:27 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2015-10-01 15:30:27 ----A---- C:\WINDOWS\system32\wwanmm.dll
2015-10-01 15:30:27 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 15:30:27 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 15:30:27 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 15:30:27 ----A---- C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 15:30:27 ----A---- C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 15:30:27 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2015-10-01 15:30:27 ----A---- C:\WINDOWS\system32\drivers\buttonconverter.sys
2015-10-01 15:30:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Speech.Pal.dll
2015-10-01 15:30:26 ----A---- C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 15:30:26 ----A---- C:\WINDOWS\system32\omadmapi.dll
2015-10-01 15:30:26 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 15:30:25 ----A---- C:\WINDOWS\system32\syncutil.dll
2015-10-01 15:30:25 ----A---- C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 15:30:25 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 15:30:25 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-10-01 15:30:24 ----A---- C:\WINDOWS\system32\wwancfg.dll
2015-10-01 15:30:24 ----A---- C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 15:30:23 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2015-10-01 15:30:23 ----A---- C:\WINDOWS\system32\wpnapps.dll
2015-10-01 15:30:23 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 15:30:23 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 15:30:23 ----A---- C:\WINDOWS\system32\netcenter.dll
2015-10-01 15:30:23 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 15:30:23 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 15:30:23 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-10-01 15:30:23 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-10-01 15:30:23 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 15:30:23 ----A---- C:\WINDOWS\system32\AudioEng.dll
2015-10-01 15:30:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2015-10-01 15:30:22 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2015-10-01 15:30:22 ----A---- C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 15:30:22 ----A---- C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 15:30:22 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 15:30:22 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 15:30:21 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2015-10-01 15:30:21 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2015-10-01 15:30:21 ----A---- C:\WINDOWS\system32\provops.dll
2015-10-01 15:30:21 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 15:30:21 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 15:30:20 ----A---- C:\WINDOWS\SYSWOW64\netcenter.dll
2015-10-01 15:30:20 ----A---- C:\WINDOWS\system32\nlasvc.dll
2015-10-01 15:30:19 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 15:30:19 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 15:30:19 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 15:30:19 ----A---- C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 15:30:19 ----A---- C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 15:30:19 ----A---- C:\WINDOWS\system32\dmcsps.dll
2015-10-01 15:30:19 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 15:30:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 15:30:18 ----A---- C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 15:30:18 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 15:30:18 ----A---- C:\WINDOWS\system32\configmanager2.dll
2015-09-27 19:42:05 ----A---- C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-09-27 19:41:42 ----A---- C:\WINDOWS\system32\ETDCoInstaller15005.dll

======List of files/folders modified in the last 1 month======

2015-10-22 08:45:47 ----D---- C:\Program Files\trend micro
2015-10-22 08:45:42 ----SHD---- C:\WINDOWS\Installer
2015-10-22 08:45:42 ----D---- C:\WINDOWS\Temp
2015-10-22 08:44:55 ----D---- C:\WINDOWS\System32
2015-10-22 08:43:10 ----D---- C:\WINDOWS\Prefetch
2015-10-22 08:42:57 ----D---- C:\Program Files (x86)\Common Files
2015-10-22 08:41:15 ----D---- C:\WINDOWS\SysWOW64
2015-10-22 08:40:50 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-22 08:40:39 ----D---- C:\Program Files\Java
2015-10-22 08:38:27 ----D---- C:\Program Files (x86)\Java
2015-10-22 08:31:13 ----D---- C:\WINDOWS\system32\sru
2015-10-22 08:30:57 ----D---- C:\WINDOWS\system32\Tasks
2015-10-22 08:30:31 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-10-21 22:35:37 ----D---- C:\Users\Ricardino\AppData\Roaming\vlc
2015-10-21 22:33:36 ----D---- C:\Users\Ricardino\AppData\Roaming\uTorrent
2015-10-21 19:25:22 ----D---- C:\WINDOWS\system32\config
2015-10-21 16:51:00 ----D---- C:\WINDOWS\Microsoft.NET
2015-10-21 14:22:20 ----HD---- C:\Program Files\WindowsApps
2015-10-21 14:18:46 ----D---- C:\WINDOWS\AppReadiness
2015-10-21 13:57:34 ----D---- C:\WINDOWS\WinSxS
2015-10-21 13:46:24 ----D---- C:\WINDOWS\INF
2015-10-21 13:46:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-20 21:42:30 ----D---- C:\WINDOWS\CbsTemp
2015-10-20 20:00:52 ----D---- C:\WINDOWS\system32\NDF
2015-10-20 17:56:12 ----D---- C:\WINDOWS\system32\DriverStore
2015-10-19 21:18:22 ----D---- C:\WINDOWS\system32\drivers
2015-10-19 21:15:44 ----D---- C:\WINDOWS\system32\Boot
2015-10-19 21:15:44 ----D---- C:\WINDOWS\system32\appraiser
2015-10-19 21:15:43 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-10-19 21:15:43 ----D---- C:\WINDOWS\AppPatch
2015-10-19 16:16:28 ----SHD---- C:\System Volume Information
2015-10-17 12:13:09 ----D---- C:\WINDOWS\system32\MRT
2015-10-16 12:07:54 ----A---- C:\WINDOWS\system32\MRT.exe
2015-10-16 11:36:24 ----A---- C:\IFRToolLog.txt
2015-10-15 20:58:53 ----D---- C:\WINDOWS\LiveKernelReports
2015-10-15 13:48:19 ----D---- C:\WINDOWS\system32\catroot2
2015-10-13 20:52:34 ----D---- C:\Windows
2015-10-13 20:46:41 ----D---- C:\Program Files\TAP-Windows
2015-10-12 18:01:22 ----D---- C:\WINDOWS\debug
2015-10-08 16:16:39 ----D---- C:\WINDOWS\system32\LogFiles
2015-10-07 21:40:43 ----D---- C:\Program Files (x86)\Microsoft Toolkit Final
2015-10-07 15:58:06 ----HD---- C:\ProgramData
2015-10-07 15:58:06 ----D---- C:\WINDOWS\system32\CatRoot
2015-10-07 15:57:38 ----RD---- C:\Program Files (x86)
2015-10-02 17:21:56 ----D---- C:\WINDOWS\rescache
2015-10-02 04:11:17 ----SD---- C:\WINDOWS\SYSWOW64\F12
2015-10-02 04:11:17 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-10-02 04:11:16 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2015-10-02 04:11:16 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2015-10-02 04:11:15 ----SD---- C:\WINDOWS\system32\F12
2015-10-02 04:11:15 ----D---- C:\WINDOWS\system32\migration
2015-10-02 04:11:14 ----RD---- C:\WINDOWS\PurchaseDialog
2015-10-02 04:11:14 ----D---- C:\WINDOWS\Provisioning
2015-10-02 04:11:13 ----D---- C:\WINDOWS\L2Schemas
2015-09-28 21:27:05 ----D---- C:\Program Files\Elantech

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-07-14 251632]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-07-14 72400]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-13 91912]
R1 dtsoftbus01;@oem53.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-04 283064]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2014-10-10 44632]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R1 SASDIFSV;SASDIFSV; \??\D:\Programy\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\D:\Programy\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 ACPIVPC;@oem34.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-12-04 35576]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 ETD;@oem89.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-09-27 468568]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2015-09-27 30808]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2013-11-30 91648]
R3 ibtusb;@oem72.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2015-07-14 263952]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-07-18 6389688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-24 4504320]
R3 iwdbus;@oem50.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MEIx64;@oem70.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2015-07-10 3496216]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-23 11142984]
R3 nvvad_WaveExtensible;@oem13.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 rt640x64;@oem81.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-22 886528]
R3 RTSPER;@oem74.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-06-15 761600]
R3 rtsuvc;@oem75.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-06-16 3068160]
R3 tap0901;@oem5.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2014-04-08 27136]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-07-10 105984]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2015-07-10 237568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 dg_ssudbus;@oem36.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 IntcDAud;@oem18.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-04-16 450520]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-10-20 47632]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-08-03 934752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 167936]
S3 ssudmdm;@oem25.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tapoas;@oem26.inf,%DeviceDescription%;TAP-Win32 Adapter OAS; C:\WINDOWS\System32\drivers\tapoas.sys [2012-07-15 30720]
S4 RsFx0103;RsFx0103 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; D:\Programy\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-09-27 134888]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2014-01-15 351824]
R2 ibtsiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2014-12-12 125168]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-07-18 351120]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-28 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-16 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 LenovoSetSvr;LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [2014-12-04 389680]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-12-04 198192]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-08-27 1871784]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-23 937800]
R2 OneSyncSvc_Session2;Sync Host_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-02-26 512776]
R2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-02-26 167176]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-12-04 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-06-01 5495056]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-18 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2013-10-26 651856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17 269000]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-07-18 283024]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-28 828376]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 OpenVPNService;OpenVPN Service; D:\Programy\OpenVPN\bin\openvpnserv.exe [2014-10-21 33080]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-12-04 308720]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session2;Contact Data_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-08-03 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-10-14 838224]
S3 TESHelper;TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [2014-12-04 104696]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Re: Please check

Posted: 23 Oct 2015 16:51
by Rudy
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Please check

Posted: 23 Oct 2015 17:40
by SyncMaster
# AdwCleaner v5.014 - Logfile created 23/10/2015 at 18:36:53
# Updated 18/10/2015 by Xplode
# Database : 2015-10-18.5 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Ricardino - RICHARD
# Running from : C:\Users\Ricardino\Desktop\adwcleaner_5.014.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Consumer Input
[-] Folder Deleted : C:\Program Files (x86)\Lenovo\VisualDiscovery
[-] Folder Deleted : C:\ProgramData\pokki
[-] Folder Deleted : C:\Users\Ricardino\AppData\Local\pokki

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : ConsumerInputUpdateTaskMachineCore
[-] Task Deleted : ConsumerInputUpdateTaskMachineUA

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\CptUrlPassthru.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\dca-bho.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor
[-] Key Deleted : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\dcabho.Dca
[-] Key Deleted : HKLM\SOFTWARE\Classes\dcabho.Dca.1
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [EpicScale]
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
[-] Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [ConsumerInput@Compete]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A57F7191-1E7F-4852-BAAF-F80A43E2687A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{DD7C44CC-0F60-4FD9-A38F-5CF30D698AC2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60260024-AA48-4A2F-84DA-2C2DCB24AAD0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
[-] Key Deleted : HKCU\Software\Compete
[-] Key Deleted : HKCU\Software\EpicScale
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Compete
[-] Key Deleted : HKLM\SOFTWARE\CompeteInc
[-] Key Deleted : HKLM\SOFTWARE\LENOVO\VisualDiscovery
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Consumer Input Installer
[!] Key Not Deleted : [x64] HKCU\Software\Compete
[!] Key Not Deleted : [x64] HKCU\Software\EpicScale
[!] Key Not Deleted : HKU\S-1-5-21-488808105-4097251070-3538552251-1001\Software\AppDataLow\Software\Compete
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[!] Data Not Restored : HKU\S-1-5-21-488808105-4097251070-3538552251-1001\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[!] Data Not Restored : HKU\S-1-5-21-488808105-4097251070-3538552251-1001\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]

***** [ Web browsers ] *****

[-] [C:\Users\Ricardino\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.dosearches.com/?utm_source=b&utm_me ... 1383772572

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [5601 bytes] ##########

Re: Please check

Posted: 23 Oct 2015 18:16
by Rudy
Post a new RSIT log.

Re: Please check

Posted: 25 Oct 2015 16:46
by SyncMaster
Logfile of random's system information tool 1.10 (written by random/random)
Run by Ricardino at 2015-10-25 16:43:49
Microsoft Windows 10 Home
System drive C: has 384 GB (84%) free of 456 GB
Total RAM: 16296 MB (86% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:43:55, on 25.10.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\trend micro\Ricardino.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{946e0766-5d15-455d-afbd-d7bc10d32352}: NameServer = 213.151.222.34 85.237.225.250
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Programy\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - D:\Programy\OpenVPN\bin\openvpnserv.exe
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TESHelper - Lenovo - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13673 bytes

======Listing Processes======

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e1993fd4-71f8-4540-adcb-a53123e308bf -SystemEventPortName:HostProcess-8e7b3ddb-a98c-4f3e-8b06-28e459390d93 -IoCancelEventPortName:HostProcess-d570383c-f62b-4bc3-8271-65239e54c3f9 -NonStateChangingEventPortName:HostProcess-453889c3-e653-4ab0-8114-840f4dffa53b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:25f654f9-a4b7-4c0c-a03b-ef339a98161f -DeviceGroupId:WudfDefaultDevicePool
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"D:\Programy\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
dashost.exe {cc1fa322-fe04-4a57-bdbc508a77d7edee}
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/Mobile Partner/UpdateDog/"
"C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe" -Embedding

"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession

"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Elantech\ETDCtrl.exe"
sihost.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
taskeng.exe {DC224E9B-ED21-4C75-9772-908F0D45513E}
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 592 616 628 8192 624
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe" 1 1 1 1
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16464_none_116100d161f6ab1d\TiWorker.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-488808105-4097251070-3538552251-10014_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-488808105-4097251070-3538552251-10014 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe" -start
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
taskeng.exe {A7F9C09C-AC20-4BAD-9ADE-805E50C537FE}
"C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2236.0.570651228\470608947" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4256 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin4/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding 
--disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2236.2.396235068\471783471" --font-cache-shared-handle=2652 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin4/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding 
--disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2236.3.751057239\2050477772" --font-cache-shared-handle=2684 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin4/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --disable-client-side-phishing-detection --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2236.4.1036510019\992659050" --font-cache-shared-handle=4936 /prefetch:673131151
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" --shim
C:\WINDOWS\system32\wbem\wmiprvse.exe
"D:\Programy\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin4/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --disable-client-side-phishing-detection 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2236.5.541829100\1770413662" --font-cache-shared-handle=5468 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin4/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --disable-client-side-phishing-detection 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2236.6.1118387553\817424110" --font-cache-shared-handle=5784 /prefetch:673131151

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\CIMT_daily_S-1-5-21-488808105-4097251070-3538552251-1001.job - C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe /daily
C:\WINDOWS\tasks\CIMT_S-1-5-21-488808105-4097251070-3538552251-1001.job - C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d041401ac3b372.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d091142e5862b2.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0bfa37948bd6.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25 728840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25 617736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-09-27 3743976]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2015-06-16 5060864]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-01-21 1179576]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-09-15 4196432]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-12-04 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-12-04 16093512]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-12-04 8235848]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Bloody2"=C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [2014-12-30 16294912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-10-06 597040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-22 07:45:38 ----D---- C:\rsit
2015-10-18 16:01:24 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2015-10-18 16:01:24 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2015-10-18 16:01:24 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-10-18 16:01:24 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2015-10-18 16:01:24 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2015-10-18 16:01:24 ----A---- C:\WINDOWS\SYSWOW64\CallHistoryClient.dll
2015-10-18 16:01:24 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-10-18 16:01:24 ----A---- C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\UserDataService.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\Unistore.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\Chakra.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-18 16:01:22 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-10-18 16:01:22 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-10-18 16:01:22 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-18 16:01:21 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2015-10-18 16:01:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-10-18 16:01:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-10-18 16:01:20 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2015-10-18 16:01:20 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-18 16:01:19 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-10-18 16:01:18 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-10-18 16:01:18 ----A---- C:\WINDOWS\system32\shell32.dll
2015-10-18 16:01:17 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-10-18 16:01:16 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\ChatApis.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\EmailApis.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\ContactApis.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\AppointmentApis.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\SYSWOW64\PhoneCallHistoryApis.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\SYSWOW64\ChatApis.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\SYSWOW64\AppointmentApis.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-10-18 16:01:13 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-10-18 16:01:13 ----A---- C:\WINDOWS\system32\winload.exe
2015-10-18 16:01:13 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-10-18 16:01:13 ----A---- C:\WINDOWS\system32\jscript.dll
2015-10-18 16:01:12 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-10-18 16:01:12 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2015-10-18 16:01:12 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2015-10-18 16:01:11 ----A---- C:\WINDOWS\system32\winresume.exe
2015-10-18 16:01:11 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-10-18 16:01:11 ----A---- C:\WINDOWS\system32\fveapi.dll
2015-10-18 16:01:11 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-10-17 10:56:06 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2015-10-07 15:00:00 ----D---- C:\.Xilinx
2015-10-07 14:58:06 ----D---- C:\ProgramData\.cse
2015-10-07 14:57:38 ----D---- C:\Program Files (x86)\Digilent
2015-10-07 14:57:38 ----A---- C:\WINDOWS\system32\drivers\xpc4drvr.sys
2015-10-07 14:56:59 ----D---- C:\Program Files (x86)\WinPcap
2015-10-07 14:37:54 ----D---- C:\Users\Ricardino\AppData\Roaming\Xilinx
2015-10-02 03:14:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-10-01 14:30:56 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2015-10-01 14:30:55 ----A---- C:\WINDOWS\system32\windows.storage.dll
2015-10-01 14:30:55 ----A---- C:\WINDOWS\system32\mos.dll
2015-10-01 14:30:55 ----A---- C:\WINDOWS\system32\BingMaps.dll
2015-10-01 14:30:54 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2015-10-01 14:30:54 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2015-10-01 14:30:53 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 14:30:52 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 14:30:51 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 14:30:51 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 14:30:51 ----A---- C:\WINDOWS\system32\mfcore.dll
2015-10-01 14:30:50 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2015-10-01 14:30:50 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 14:30:50 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 14:30:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2015-10-01 14:30:49 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2015-10-01 14:30:49 ----A---- C:\WINDOWS\system32\wininet.dll
2015-10-01 14:30:47 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-10-01 14:30:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2015-10-01 14:30:47 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2015-10-01 14:30:47 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2015-10-01 14:30:46 ----A---- C:\WINDOWS\system32\wlansvc.dll
2015-10-01 14:30:46 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-10-01 14:30:45 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2015-10-01 14:30:45 ----A---- C:\WINDOWS\system32\winmde.dll
2015-10-01 14:30:45 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 14:30:45 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 14:30:44 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2015-10-01 14:30:44 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 14:30:44 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 14:30:44 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 14:30:44 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 14:30:43 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-10-01 14:30:43 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2015-10-01 14:30:43 ----A---- C:\WINDOWS\system32\wwansvc.dll
2015-10-01 14:30:43 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 14:30:43 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 14:30:43 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 14:30:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2015-10-01 14:30:42 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2015-10-01 14:30:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-10-01 14:30:42 ----A---- C:\WINDOWS\system32\mfsvr.dll
2015-10-01 14:30:41 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2015-10-01 14:30:41 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2015-10-01 14:30:41 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 14:30:41 ----A---- C:\WINDOWS\system32\RDXService.dll
2015-10-01 14:30:41 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 14:30:41 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 14:30:41 ----A---- C:\WINDOWS\system32\esent.dll
2015-10-01 14:30:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 14:30:40 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2015-10-01 14:30:40 ----A---- C:\WINDOWS\system32\wpx.dll
2015-10-01 14:30:40 ----A---- C:\WINDOWS\system32\mfds.dll
2015-10-01 14:30:40 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 14:30:40 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 14:30:39 ----A---- C:\WINDOWS\system32\wmpmde.dll
2015-10-01 14:30:39 ----A---- C:\WINDOWS\system32\drivers\Wdf01000.sys
2015-10-01 14:30:39 ----A---- C:\WINDOWS\system32\bisrv.dll
2015-10-01 14:30:38 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2015-10-01 14:30:38 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2015-10-01 14:30:38 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 14:30:38 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 14:30:38 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 14:30:38 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 14:30:38 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 14:30:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 14:30:37 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 14:30:37 ----A---- C:\WINDOWS\system32\NotificationController.dll
2015-10-01 14:30:37 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 14:30:36 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2015-10-01 14:30:36 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2015-10-01 14:30:36 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2015-10-01 14:30:36 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 14:30:36 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-10-01 14:30:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2015-10-01 14:30:34 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2015-10-01 14:30:34 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2015-10-01 14:30:34 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2015-10-01 14:30:34 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 14:30:34 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 14:30:34 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 14:30:33 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2015-10-01 14:30:33 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2015-10-01 14:30:33 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 14:30:33 ----A---- C:\WINDOWS\system32\ncsi.dll
2015-10-01 14:30:33 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2015-10-01 14:30:33 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2015-10-01 14:30:32 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\system32\psmsrv.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\system32\provengine.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\system32\mf.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 14:30:30 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2015-10-01 14:30:30 ----A---- C:\WINDOWS\system32\wwanconn.dll
2015-10-01 14:30:30 ----A---- C:\WINDOWS\system32\wuuhext.dll
2015-10-01 14:30:30 ----A---- C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 14:30:30 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 14:30:30 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\pnidui.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\mfps.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\MapsStore.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\cloudAP.dll
2015-10-01 14:30:28 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2015-10-01 14:30:28 ----A---- C:\WINDOWS\system32\omadmclient.exe
2015-10-01 14:30:28 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 14:30:28 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 14:30:28 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2015-10-01 14:30:27 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\wwanmm.dll
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\drivers\buttonconverter.sys
2015-10-01 14:30:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Speech.Pal.dll
2015-10-01 14:30:26 ----A---- C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 14:30:26 ----A---- C:\WINDOWS\system32\omadmapi.dll
2015-10-01 14:30:26 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 14:30:25 ----A---- C:\WINDOWS\system32\syncutil.dll
2015-10-01 14:30:25 ----A---- C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 14:30:25 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 14:30:25 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-10-01 14:30:24 ----A---- C:\WINDOWS\system32\wwancfg.dll
2015-10-01 14:30:24 ----A---- C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\wpnapps.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\netcenter.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\AudioEng.dll
2015-10-01 14:30:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2015-10-01 14:30:22 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2015-10-01 14:30:22 ----A---- C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 14:30:22 ----A---- C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 14:30:22 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 14:30:22 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 14:30:21 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2015-10-01 14:30:21 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2015-10-01 14:30:21 ----A---- C:\WINDOWS\system32\provops.dll
2015-10-01 14:30:21 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 14:30:21 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 14:30:20 ----A---- C:\WINDOWS\SYSWOW64\netcenter.dll
2015-10-01 14:30:20 ----A---- C:\WINDOWS\system32\nlasvc.dll
2015-10-01 14:30:19 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 14:30:19 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 14:30:19 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 14:30:19 ----A---- C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 14:30:19 ----A---- C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 14:30:19 ----A---- C:\WINDOWS\system32\dmcsps.dll
2015-10-01 14:30:19 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 14:30:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 14:30:18 ----A---- C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 14:30:18 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 14:30:18 ----A---- C:\WINDOWS\system32\configmanager2.dll
2015-09-27 18:42:05 ----A---- C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-09-27 18:41:42 ----A---- C:\WINDOWS\system32\ETDCoInstaller15005.dll

======List of files/folders modified in the last 1 month======

2015-10-25 16:43:51 ----D---- C:\Program Files\trend micro
2015-10-25 16:43:06 ----D---- C:\WINDOWS\system32\Tasks
2015-10-25 16:43:04 ----D---- C:\WINDOWS\Temp
2015-10-25 16:42:53 ----D---- C:\WINDOWS\AppReadiness
2015-10-25 16:42:49 ----D---- C:\WINDOWS\system32\sru
2015-10-25 16:42:42 ----D---- C:\WINDOWS\Prefetch
2015-10-25 16:42:41 ----D---- C:\WINDOWS\System32
2015-10-25 16:42:41 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-10-23 17:37:04 ----D---- C:\WINDOWS\Tasks
2015-10-23 17:36:53 ----RD---- C:\Program Files (x86)
2015-10-23 17:36:53 ----HD---- C:\ProgramData
2015-10-23 17:36:53 ----D---- C:\Program Files (x86)\Lenovo
2015-10-23 17:36:53 ----D---- C:\AdwCleaner
2015-10-23 17:26:36 ----SHD---- C:\System Volume Information
2015-10-23 17:20:11 ----D---- C:\WINDOWS\Microsoft.NET
2015-10-23 16:33:03 ----D---- C:\Users\Ricardino\AppData\Roaming\vlc
2015-10-23 16:04:46 ----HD---- C:\Program Files\WindowsApps
2015-10-23 06:48:54 ----D---- C:\WINDOWS\INF
2015-10-23 06:48:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-22 16:24:38 ----D---- C:\WINDOWS\system32\NDF
2015-10-22 08:54:41 ----D---- C:\Users\Ricardino\AppData\Roaming\uTorrent
2015-10-22 07:47:17 ----D---- C:\ProgramData\Oracle
2015-10-22 07:45:42 ----SHD---- C:\WINDOWS\Installer
2015-10-22 07:42:57 ----D---- C:\Program Files (x86)\Common Files
2015-10-22 07:41:15 ----D---- C:\WINDOWS\SysWOW64
2015-10-22 07:40:50 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-22 07:40:39 ----D---- C:\Program Files\Java
2015-10-22 07:38:27 ----D---- C:\Program Files (x86)\Java
2015-10-21 18:25:22 ----D---- C:\WINDOWS\system32\config
2015-10-21 12:57:34 ----D---- C:\WINDOWS\WinSxS
2015-10-20 20:42:30 ----D---- C:\WINDOWS\CbsTemp
2015-10-20 16:56:12 ----D---- C:\WINDOWS\system32\DriverStore
2015-10-19 20:18:22 ----D---- C:\WINDOWS\system32\drivers
2015-10-19 20:15:44 ----D---- C:\WINDOWS\system32\Boot
2015-10-19 20:15:44 ----D---- C:\WINDOWS\system32\appraiser
2015-10-19 20:15:43 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-10-19 20:15:43 ----D---- C:\WINDOWS\AppPatch
2015-10-17 11:13:09 ----D---- C:\WINDOWS\system32\MRT
2015-10-16 11:07:54 ----A---- C:\WINDOWS\system32\MRT.exe
2015-10-16 10:36:24 ----A---- C:\IFRToolLog.txt
2015-10-15 19:58:53 ----D---- C:\WINDOWS\LiveKernelReports
2015-10-15 12:48:19 ----D---- C:\WINDOWS\system32\catroot2
2015-10-13 19:52:34 ----D---- C:\Windows
2015-10-13 19:46:41 ----D---- C:\Program Files\TAP-Windows
2015-10-12 17:01:22 ----D---- C:\WINDOWS\debug
2015-10-12 15:40:03 ----D---- C:\WINDOWS\system32\CatRoot
2015-10-08 15:16:39 ----D---- C:\WINDOWS\system32\LogFiles
2015-10-07 20:40:43 ----D---- C:\Program Files (x86)\Microsoft Toolkit Final
2015-10-02 16:21:56 ----D---- C:\WINDOWS\rescache
2015-10-02 03:11:17 ----SD---- C:\WINDOWS\SYSWOW64\F12
2015-10-02 03:11:17 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-10-02 03:11:16 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2015-10-02 03:11:16 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2015-10-02 03:11:15 ----SD---- C:\WINDOWS\system32\F12
2015-10-02 03:11:15 ----D---- C:\WINDOWS\system32\migration
2015-10-02 03:11:14 ----RD---- C:\WINDOWS\PurchaseDialog
2015-10-02 03:11:14 ----D---- C:\WINDOWS\Provisioning
2015-10-02 03:11:13 ----D---- C:\WINDOWS\L2Schemas
2015-09-28 20:27:05 ----D---- C:\Program Files\Elantech

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-07-14 251632]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-07-14 72400]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 dtsoftbus01;@oem53.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-04 283064]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2014-10-10 44632]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R1 SASDIFSV;SASDIFSV; \??\D:\Programy\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\D:\Programy\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 ACPIVPC;@oem34.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-12-04 35576]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 ETD;@oem89.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-09-27 468568]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2015-09-27 30808]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2013-11-30 91648]
R3 ibtusb;@oem72.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2015-07-14 263952]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-07-17 6389688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-24 4504320]
R3 iwdbus;@oem50.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MEIx64;@oem70.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2015-07-10 3496216]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-23 11142984]
R3 nvvad_WaveExtensible;@oem13.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 rt640x64;@oem81.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-22 886528]
R3 RTSPER;@oem74.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-06-15 761600]
R3 rtsuvc;@oem75.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-06-16 3068160]
R3 tap0901;@oem5.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2014-04-08 27136]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-07-10 105984]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2015-07-10 237568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 dg_ssudbus;@oem36.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 IntcDAud;@oem18.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-04-16 450520]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-10-20 47632]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-08-03 934752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 167936]
S3 ssudmdm;@oem25.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tapoas;@oem26.inf,%DeviceDescription%;TAP-Win32 Adapter OAS; C:\WINDOWS\System32\drivers\tapoas.sys [2012-07-15 30720]
S4 RsFx0103;RsFx0103 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; D:\Programy\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-09-27 134888]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2014-01-15 351824]
R2 ibtsiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2014-12-12 125168]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-07-17 351120]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-16 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 LenovoSetSvr;LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [2014-12-04 389680]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-12-04 198192]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-08-27 1871784]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-23 937800]
R2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-02-26 512776]
R2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-02-26 167176]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-12-04 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-06-01 5495056]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-18 43696]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2013-10-26 651856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc_Session2;Sync Host_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17 269000]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-07-17 283024]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 OpenVPNService;OpenVPN Service; D:\Programy\OpenVPN\bin\openvpnserv.exe [2014-10-21 33080]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-12-04 308720]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session2;Contact Data_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-08-03 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-10-14 838224]
S3 TESHelper;TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [2014-12-04 104696]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Re: Please check my log

Posted: 25 Oct 2015 17:44
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d041401ac3b372.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d091142e5862b2.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0bfa37948bd6.job
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Re: Please check my log

Posted: 25 Oct 2015 17:59
by SyncMaster
Logfile of random's system information tool 1.10 (written by random/random)
Run by Ricardino at 2015-10-25 17:59:01
Microsoft Windows 10 Home
System drive C: has 384 GB (84%) free of 456 GB
Total RAM: 16296 MB (86% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:59:05, on 25.10.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Maxthon\Modules\Service\Update\Mxmsg.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ricardino.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{946e0766-5d15-455d-afbd-d7bc10d32352}: NameServer = 213.151.222.34 85.237.225.250
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Programy\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - D:\Programy\OpenVPN\bin\openvpnserv.exe
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TESHelper - Lenovo - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13552 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\igfxCUIService.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d606ff97-b508-4d9d-9eac-bd6a8cf0e05d -SystemEventPortName:HostProcess-40ef8408-6d32-4f34-bda8-2312bb8e4438 -IoCancelEventPortName:HostProcess-5236f667-662b-4270-aa2b-5d5bb7b356f2 -NonStateChangingEventPortName:HostProcess-55b3b28b-35d6-43eb-bcb4-c06fa8d738c9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3e0e36ae-a363-4606-bc00-c3b977d54433 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"D:\Programy\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
dashost.exe {0b6ec7a0-6511-4ef5-b2540f1f183c33a6}
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Elantech\ETDCtrl.exe"
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskeng.exe {2EADE656-5DD3-4485-A42F-82D2FF6A339C}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe" -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\ProgramData\DatacardService\DCSHelper.exe"
"C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/Mobile Partner/UpdateDog/"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 612 624 632 8192 628
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe" -start
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-488808105-4097251070-3538552251-10012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-488808105-4097251070-3538552251-10012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
taskeng.exe {E4CF23B7-6920-4F4F-B049-757C963288CB}
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7788.0.1372147105\889724151" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4256 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Control/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding 
--disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7788.2.284799492\306831377" --font-cache-shared-handle=2528 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Control/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding 
--disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7788.3.2022838523\1848968480" --font-cache-shared-handle=2692 /prefetch:673131151
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\Mxmsg.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Control/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --disable-client-side-phishing-detection 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7788.4.1530853010\575582598" --font-cache-shared-handle=2860 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Control/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --disable-client-side-phishing-detection 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7788.5.1363549498\1789637950" --font-cache-shared-handle=2392 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Control/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --disable-client-side-phishing-detection 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7788.6.967914932\1031109715" --font-cache-shared-handle=5764 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Control/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --disable-client-side-phishing-detection 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7788.7.982794475\1019833683" --font-cache-shared-handle=4448 /prefetch:673131151
"D:\Programy\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\CIMT_daily_S-1-5-21-488808105-4097251070-3538552251-1001.job - C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe /daily
C:\WINDOWS\tasks\CIMT_S-1-5-21-488808105-4097251070-3538552251-1001.job - C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25 728840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25 617736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-09-27 3743976]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2015-06-16 5060864]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-01-21 1179576]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-09-15 4196432]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-12-04 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-12-04 16093512]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-12-04 8235848]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Bloody2"=C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [2014-12-30 16294912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-25 17:55:04 ----D---- C:\_OTM
2015-10-22 07:45:38 ----D---- C:\rsit
2015-10-18 16:01:24 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2015-10-18 16:01:24 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2015-10-18 16:01:24 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-10-18 16:01:24 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2015-10-18 16:01:24 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2015-10-18 16:01:24 ----A---- C:\WINDOWS\SYSWOW64\CallHistoryClient.dll
2015-10-18 16:01:24 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-10-18 16:01:24 ----A---- C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\UserDataService.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\Unistore.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\Chakra.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-10-18 16:01:23 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-18 16:01:22 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-10-18 16:01:22 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-10-18 16:01:22 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-18 16:01:21 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2015-10-18 16:01:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-10-18 16:01:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-10-18 16:01:20 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2015-10-18 16:01:20 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-18 16:01:19 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-10-18 16:01:18 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-10-18 16:01:18 ----A---- C:\WINDOWS\system32\shell32.dll
2015-10-18 16:01:17 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-10-18 16:01:16 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\ChatApis.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\EmailApis.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\ContactApis.dll
2015-10-18 16:01:15 ----A---- C:\WINDOWS\system32\AppointmentApis.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\SYSWOW64\PhoneCallHistoryApis.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\SYSWOW64\ChatApis.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\SYSWOW64\AppointmentApis.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-18 16:01:14 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-10-18 16:01:13 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-10-18 16:01:13 ----A---- C:\WINDOWS\system32\winload.exe
2015-10-18 16:01:13 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-10-18 16:01:13 ----A---- C:\WINDOWS\system32\jscript.dll
2015-10-18 16:01:12 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-10-18 16:01:12 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2015-10-18 16:01:12 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2015-10-18 16:01:11 ----A---- C:\WINDOWS\system32\winresume.exe
2015-10-18 16:01:11 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-10-18 16:01:11 ----A---- C:\WINDOWS\system32\fveapi.dll
2015-10-18 16:01:11 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-10-17 10:56:06 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2015-10-07 15:00:00 ----D---- C:\.Xilinx
2015-10-07 14:58:06 ----D---- C:\ProgramData\.cse
2015-10-07 14:57:38 ----D---- C:\Program Files (x86)\Digilent
2015-10-07 14:57:38 ----A---- C:\WINDOWS\system32\drivers\xpc4drvr.sys
2015-10-07 14:56:59 ----D---- C:\Program Files (x86)\WinPcap
2015-10-07 14:37:54 ----D---- C:\Users\Ricardino\AppData\Roaming\Xilinx
2015-10-02 03:14:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-10-01 14:30:56 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2015-10-01 14:30:55 ----A---- C:\WINDOWS\system32\windows.storage.dll
2015-10-01 14:30:55 ----A---- C:\WINDOWS\system32\mos.dll
2015-10-01 14:30:55 ----A---- C:\WINDOWS\system32\BingMaps.dll
2015-10-01 14:30:54 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2015-10-01 14:30:54 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2015-10-01 14:30:53 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 14:30:52 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 14:30:51 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 14:30:51 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 14:30:51 ----A---- C:\WINDOWS\system32\mfcore.dll
2015-10-01 14:30:50 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2015-10-01 14:30:50 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 14:30:50 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 14:30:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2015-10-01 14:30:49 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2015-10-01 14:30:49 ----A---- C:\WINDOWS\system32\wininet.dll
2015-10-01 14:30:47 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-10-01 14:30:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2015-10-01 14:30:47 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2015-10-01 14:30:47 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2015-10-01 14:30:46 ----A---- C:\WINDOWS\system32\wlansvc.dll
2015-10-01 14:30:46 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-10-01 14:30:45 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2015-10-01 14:30:45 ----A---- C:\WINDOWS\system32\winmde.dll
2015-10-01 14:30:45 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 14:30:45 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 14:30:44 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2015-10-01 14:30:44 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 14:30:44 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 14:30:44 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 14:30:44 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 14:30:43 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-10-01 14:30:43 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2015-10-01 14:30:43 ----A---- C:\WINDOWS\system32\wwansvc.dll
2015-10-01 14:30:43 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 14:30:43 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 14:30:43 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 14:30:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2015-10-01 14:30:42 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2015-10-01 14:30:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-10-01 14:30:42 ----A---- C:\WINDOWS\system32\mfsvr.dll
2015-10-01 14:30:41 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2015-10-01 14:30:41 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2015-10-01 14:30:41 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 14:30:41 ----A---- C:\WINDOWS\system32\RDXService.dll
2015-10-01 14:30:41 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 14:30:41 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 14:30:41 ----A---- C:\WINDOWS\system32\esent.dll
2015-10-01 14:30:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 14:30:40 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2015-10-01 14:30:40 ----A---- C:\WINDOWS\system32\wpx.dll
2015-10-01 14:30:40 ----A---- C:\WINDOWS\system32\mfds.dll
2015-10-01 14:30:40 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 14:30:40 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 14:30:39 ----A---- C:\WINDOWS\system32\wmpmde.dll
2015-10-01 14:30:39 ----A---- C:\WINDOWS\system32\drivers\Wdf01000.sys
2015-10-01 14:30:39 ----A---- C:\WINDOWS\system32\bisrv.dll
2015-10-01 14:30:38 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2015-10-01 14:30:38 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2015-10-01 14:30:38 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 14:30:38 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 14:30:38 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 14:30:38 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 14:30:38 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 14:30:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 14:30:37 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 14:30:37 ----A---- C:\WINDOWS\system32\NotificationController.dll
2015-10-01 14:30:37 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 14:30:36 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2015-10-01 14:30:36 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2015-10-01 14:30:36 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2015-10-01 14:30:36 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 14:30:36 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 14:30:35 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-10-01 14:30:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2015-10-01 14:30:34 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2015-10-01 14:30:34 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2015-10-01 14:30:34 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2015-10-01 14:30:34 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 14:30:34 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 14:30:34 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 14:30:33 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2015-10-01 14:30:33 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2015-10-01 14:30:33 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 14:30:33 ----A---- C:\WINDOWS\system32\ncsi.dll
2015-10-01 14:30:33 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2015-10-01 14:30:33 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2015-10-01 14:30:32 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 14:30:32 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\system32\psmsrv.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\system32\provengine.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\system32\mf.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 14:30:31 ----A---- C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 14:30:30 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2015-10-01 14:30:30 ----A---- C:\WINDOWS\system32\wwanconn.dll
2015-10-01 14:30:30 ----A---- C:\WINDOWS\system32\wuuhext.dll
2015-10-01 14:30:30 ----A---- C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 14:30:30 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 14:30:30 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\pnidui.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\mfps.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\MapsStore.dll
2015-10-01 14:30:29 ----A---- C:\WINDOWS\system32\cloudAP.dll
2015-10-01 14:30:28 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2015-10-01 14:30:28 ----A---- C:\WINDOWS\system32\omadmclient.exe
2015-10-01 14:30:28 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 14:30:28 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 14:30:28 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2015-10-01 14:30:27 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\wwanmm.dll
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2015-10-01 14:30:27 ----A---- C:\WINDOWS\system32\drivers\buttonconverter.sys
2015-10-01 14:30:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Speech.Pal.dll
2015-10-01 14:30:26 ----A---- C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 14:30:26 ----A---- C:\WINDOWS\system32\omadmapi.dll
2015-10-01 14:30:26 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 14:30:25 ----A---- C:\WINDOWS\system32\syncutil.dll
2015-10-01 14:30:25 ----A---- C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 14:30:25 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 14:30:25 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-10-01 14:30:24 ----A---- C:\WINDOWS\system32\wwancfg.dll
2015-10-01 14:30:24 ----A---- C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\wpnapps.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\netcenter.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 14:30:23 ----A---- C:\WINDOWS\system32\AudioEng.dll
2015-10-01 14:30:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2015-10-01 14:30:22 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2015-10-01 14:30:22 ----A---- C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 14:30:22 ----A---- C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 14:30:22 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 14:30:22 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 14:30:21 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2015-10-01 14:30:21 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2015-10-01 14:30:21 ----A---- C:\WINDOWS\system32\provops.dll
2015-10-01 14:30:21 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 14:30:21 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 14:30:20 ----A---- C:\WINDOWS\SYSWOW64\netcenter.dll
2015-10-01 14:30:20 ----A---- C:\WINDOWS\system32\nlasvc.dll
2015-10-01 14:30:19 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 14:30:19 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 14:30:19 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 14:30:19 ----A---- C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 14:30:19 ----A---- C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 14:30:19 ----A---- C:\WINDOWS\system32\dmcsps.dll
2015-10-01 14:30:19 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 14:30:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 14:30:18 ----A---- C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 14:30:18 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 14:30:18 ----A---- C:\WINDOWS\system32\configmanager2.dll
2015-09-27 18:42:05 ----A---- C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-09-27 18:41:42 ----A---- C:\WINDOWS\system32\ETDCoInstaller15005.dll

======List of files/folders modified in the last 1 month======

2015-10-25 17:59:05 ----D---- C:\Program Files\trend micro
2015-10-25 17:58:24 ----D---- C:\WINDOWS\System32
2015-10-25 17:58:24 ----D---- C:\WINDOWS\INF
2015-10-25 17:58:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-25 17:57:22 ----D---- C:\WINDOWS\system32\Tasks
2015-10-25 17:57:12 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-10-25 17:57:09 ----D---- C:\WINDOWS\Temp
2015-10-25 17:56:39 ----D---- C:\WINDOWS\system32\sru
2015-10-25 17:55:26 ----D---- C:\WINDOWS\SysWOW64
2015-10-25 17:55:10 ----D---- C:\WINDOWS\Prefetch
2015-10-25 17:55:05 ----D---- C:\WINDOWS\Tasks
2015-10-25 17:02:15 ----D---- C:\WINDOWS\Microsoft.NET
2015-10-25 16:42:55 ----D---- C:\WINDOWS\AppReadiness
2015-10-23 17:36:53 ----RD---- C:\Program Files (x86)
2015-10-23 17:36:53 ----HD---- C:\ProgramData
2015-10-23 17:36:53 ----D---- C:\Program Files (x86)\Lenovo
2015-10-23 17:36:53 ----D---- C:\AdwCleaner
2015-10-23 17:26:36 ----SHD---- C:\System Volume Information
2015-10-23 16:33:03 ----D---- C:\Users\Ricardino\AppData\Roaming\vlc
2015-10-23 16:04:46 ----HD---- C:\Program Files\WindowsApps
2015-10-22 16:24:38 ----D---- C:\WINDOWS\system32\NDF
2015-10-22 08:54:41 ----D---- C:\Users\Ricardino\AppData\Roaming\uTorrent
2015-10-22 07:47:17 ----D---- C:\ProgramData\Oracle
2015-10-22 07:45:42 ----SHD---- C:\WINDOWS\Installer
2015-10-22 07:42:57 ----D---- C:\Program Files (x86)\Common Files
2015-10-22 07:40:50 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-22 07:40:39 ----D---- C:\Program Files\Java
2015-10-22 07:38:27 ----D---- C:\Program Files (x86)\Java
2015-10-21 18:25:22 ----D---- C:\WINDOWS\system32\config
2015-10-21 12:57:34 ----D---- C:\WINDOWS\WinSxS
2015-10-20 20:42:30 ----D---- C:\WINDOWS\CbsTemp
2015-10-20 16:56:12 ----D---- C:\WINDOWS\system32\DriverStore
2015-10-19 20:18:22 ----D---- C:\WINDOWS\system32\drivers
2015-10-19 20:15:44 ----D---- C:\WINDOWS\system32\Boot
2015-10-19 20:15:44 ----D---- C:\WINDOWS\system32\appraiser
2015-10-19 20:15:43 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-10-19 20:15:43 ----D---- C:\WINDOWS\AppPatch
2015-10-17 11:13:09 ----D---- C:\WINDOWS\system32\MRT
2015-10-16 11:07:54 ----A---- C:\WINDOWS\system32\MRT.exe
2015-10-16 10:36:24 ----A---- C:\IFRToolLog.txt
2015-10-15 19:58:53 ----D---- C:\WINDOWS\LiveKernelReports
2015-10-15 12:48:19 ----D---- C:\WINDOWS\system32\catroot2
2015-10-13 19:52:34 ----D---- C:\Windows
2015-10-13 19:46:41 ----D---- C:\Program Files\TAP-Windows
2015-10-12 17:01:22 ----D---- C:\WINDOWS\debug
2015-10-12 15:40:03 ----D---- C:\WINDOWS\system32\CatRoot
2015-10-08 15:16:39 ----D---- C:\WINDOWS\system32\LogFiles
2015-10-07 20:40:43 ----D---- C:\Program Files (x86)\Microsoft Toolkit Final
2015-10-02 16:21:56 ----D---- C:\WINDOWS\rescache
2015-10-02 03:11:17 ----SD---- C:\WINDOWS\SYSWOW64\F12
2015-10-02 03:11:17 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-10-02 03:11:16 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2015-10-02 03:11:16 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2015-10-02 03:11:15 ----SD---- C:\WINDOWS\system32\F12
2015-10-02 03:11:15 ----D---- C:\WINDOWS\system32\migration
2015-10-02 03:11:14 ----RD---- C:\WINDOWS\PurchaseDialog
2015-10-02 03:11:14 ----D---- C:\WINDOWS\Provisioning
2015-10-02 03:11:13 ----D---- C:\WINDOWS\L2Schemas
2015-09-28 20:27:05 ----D---- C:\Program Files\Elantech

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-07-14 251632]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-07-14 72400]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 dtsoftbus01;@oem53.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-04 283064]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2014-10-10 44632]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R1 SASDIFSV;SASDIFSV; \??\D:\Programy\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\D:\Programy\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 ACPIVPC;@oem34.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-12-04 35576]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 ETD;@oem89.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-09-27 468568]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2015-09-27 30808]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2013-11-30 91648]
R3 ibtusb;@oem72.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2015-07-14 263952]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-07-17 6389688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-24 4504320]
R3 iwdbus;@oem50.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MEIx64;@oem70.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2015-07-10 3496216]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-23 11142984]
R3 nvvad_WaveExtensible;@oem13.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 rt640x64;@oem81.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-22 886528]
R3 RTSPER;@oem74.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-06-15 761600]
R3 rtsuvc;@oem75.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-06-16 3068160]
R3 tap0901;@oem5.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2014-04-08 27136]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-07-10 105984]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2015-07-10 237568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 dg_ssudbus;@oem36.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 IntcDAud;@oem18.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-04-16 450520]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-10-20 47632]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-08-03 934752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 167936]
S3 ssudmdm;@oem25.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tapoas;@oem26.inf,%DeviceDescription%;TAP-Win32 Adapter OAS; C:\WINDOWS\System32\drivers\tapoas.sys [2012-07-15 30720]
S4 RsFx0103;RsFx0103 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; D:\Programy\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-09-27 134888]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2014-01-15 351824]
R2 ibtsiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2014-12-12 125168]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-07-17 351120]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 LenovoSetSvr;LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [2014-12-04 389680]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-12-04 198192]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-08-27 1871784]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-23 937800]
R2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-02-26 512776]
R2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-02-26 167176]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-12-04 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-06-01 5495056]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-18 43696]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-16 131544]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2013-10-26 651856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc_Session1;Sync Host_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17 269000]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-07-17 283024]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 OpenVPNService;OpenVPN Service; D:\Programy\OpenVPN\bin\openvpnserv.exe [2014-10-21 33080]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-12-04 308720]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session1;Contact Data_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-08-03 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-10-14 838224]
S3 TESHelper;TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [2014-12-04 104696]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Re: Please check my log

Posted: 25 Oct 2015 18:01
by Rudy
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. The log is now OK.

Re: Please check my log

Posted: 25 Oct 2015 18:14
by SyncMaster
After the restart I can't open Start. Neither with the keyboard nor manually.

Re: Please check my log

Posted: 25 Oct 2015 19:25
by Rudy
Oh well, Windows 10 again. It's not the first time. I don't recall this problem on older OSes. Try a system restore to a date when the system was working correctly.

Re: Please check my log

Posted: 25 Oct 2015 23:14
by SyncMaster
Won't that affect the cleaning and the log?

Re: Please check my log

Posted: 26 Oct 2015 07:30
by Rudy
After that we'll run a check log.

Re: Please check my log

Posted: 26 Oct 2015 10:22
by SyncMaster
Lenovo Recovery needs a system restore point, but it doesn't create one automatically, and I have no idea where in the directory one might be located, or whether there is one at all. So the second option is only restoring the system to factory settings.

Re: Please check my log

Posted: 26 Oct 2015 13:04
by Rudy
I didn't write anything about Lenovo Recovery. Windows itself should have System Restore. I don't know how you get to it in Windows 10 (it should be in the help), but in Windows 7, for example, it is Start menu > All Programs > Accessories > System Tools > System Restore.

Re: Please check my log

Posted: 26 Oct 2015 13:41
by SyncMaster
I restored the system to 19 Oct, but during the restore it told me that some system items were not restored. After the restart the PC runs slowly, stutters, keeps loading something, and disk usage is at 100%. Start and the taskbar work again, but something is wrong.

info.txt logfile of random's system information tool 1.10 2015-10-26 12:39:44

======MBR======


======Uninstall list======

Lenovo Photo Master-->"C:\Program Files (x86)\InstallShield Installation Information\{BC94C56A-3649-420C-8756-2ADEBE399D33}\Setup.exe" /z-uninstall
Lenovo Photo Master-->"C:\Program Files (x86)\InstallShield Installation Information\{BC94C56A-3649-420C-8756-2ADEBE399D33}\Setup.exe" /z-uninstall
-->"C:\Program Files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall
-->MsiExec /X{F0AE9B24-416F-4CAA-8519-75CABCDAC61A}
Adblock Plus for IE (32-bit and 64-bit)-->MsiExec.exe /X{B169ACBB-219A-4517-94C1-05973FE15263}
Adobe Flash Player 19 NPAPI-->C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_Plugin.exe -maintain plugin
Bloody5-->"C:\ProgramData\Microsoft\Windows\Templates\Bloody5\Setup.exe" uninstall
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CCSDK-->"C:\Program Files (x86)\Lenovo\CCSDK\unins000.exe" /VERYSILENT /VERYSILENT
Counter-Strike 1.6 Non-Steam patch v36-->"D:\Hry\Cs 1.6\unins000.exe"
CyberLink MediaStory-->"C:\Program Files (x86)\InstallShield Installation Information\{55762F9A-FCE3-45d5-817B-051218658423}\Setup.exe" /z-uninstall
CyberLink MediaStory-->"C:\Program Files (x86)\InstallShield Installation Information\{55762F9A-FCE3-45d5-817B-051218658423}\Setup.exe" /z-uninstall
CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall
CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall
CyberLink PowerDirector 10-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall
CyberLink PowerDirector 10-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall
DAEMON Tools Lite-->D:\Programy\DAEMON Tools Lite\uninst.exe
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Dependency Package Update-->MsiExec.exe /X{0788641D-D31A-478D-BB34-C41564AE9F93}
Dependency Package Update-->MsiExec.exe /X{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}
Dependency Package Update-->MsiExec.exe /X{3117B53D-A409-4D99-A0DE-11A1A40696FA}
Dependency Package Update-->MsiExec.exe /X{4430150F-61B3-4142-BE04-EAC68C8DDA18}
Dependency Package Update-->MsiExec.exe /X{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}
Dependency Package Update-->MsiExec.exe /X{503B47A9-E34A-4841-ADD7-417191D5DB5E}
Dependency Package Update-->MsiExec.exe /X{5252431C-288E-409D-ADCF-24407E0E6F70}
Dependency Package Update-->MsiExec.exe /X{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}
Dependency Package Update-->MsiExec.exe /X{5B2190E9-199D-450A-94B3-4D6826C770C2}
Dependency Package Update-->MsiExec.exe /X{5BEFE1E1-F597-4B79-913B-15FFDB25B744}
Dependency Package Update-->MsiExec.exe /X{63DE35C9-B080-4D03-B110-99E14FD35BCE}
Dependency Package Update-->MsiExec.exe /X{65316098-0220-4D5C-B37A-6136083A0897}
Dependency Package Update-->MsiExec.exe /X{E966DBE4-5075-465E-BA81-BC9A3A3204B3}
Dependency Package Update-->MsiExec.exe /X{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}
Digilent Software-->"C:\Program Files (x86)\Digilent\uninstall.exe"
Dolby Digital Plus Home Theater-->MsiExec.exe /X{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}
Energy Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{AC768037-7079-4658-AC24-2897650E0ABE}\setup.exe" -runfromtemp -l0x0409 -removeonly
Energy Manager-->MsiExec.exe /I{AC768037-7079-4658-AC24-2897650E0ABE}
ESET Smart Security-->MsiExec.exe /I{8B56A9EA-22AD-4DA8-9744-E63DCEEFA6C6}
Far Cry 4-->"D:\Hry\Far Cry 4\unins000.exe"
FileHippo App Manager-->"D:\Programy\FileHippo.com\uninstall.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto V-->"C:\Program Files (x86)\InstallShield Installation Information\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}\setup.exe" -runfromtemp -l0x0409 -removeonly
Intel(R) Manageability Engine Firmware Recovery Agent-->MsiExec.exe /X{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) Update Manager-->MsiExec.exe /I{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}
Intel(R) Wireless Bluetooth(R)-->MsiExec.exe /I{B2913DAE-3EBC-4C88-8245-0AA34B2E461D}
Intel® PROSet/Wireless Software-->"C:\ProgramData\Package Cache\{313c06de-4aa7-4a1f-930a-f10f80380426}\Setup.exe" /uninstall
Intel® PROSet/Wireless WiFi Software-->MsiExec.exe /I{F27A944C-C95A-4DB7-BC8A-AEFD9B1B5E40}
Intel® Trusted Connect Service Client-->MsiExec.exe /I{B5E06417-A4AC-4225-B36E-7E34C91616E7}
Java 8 Update 60 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86418060F0}
Java 8 Update 60-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218060F0}
Java SE Development Kit 8 Update 40 (64-bit)-->MsiExec.exe /I{64A3A4F4-B792-11D6-A78A-00B0D0180400}
Java SE Development Kit 8 Update 45-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0180450}
Left 4 Dead 2 verze 2.1.3.9-->"D:\Hry\Left 4 Dead 2\unins000.exe"
Lenovo Dependency Package-->"C:\Program Files\lenovo\iMController\unins000.exe"
Lenovo EasyCamera-->"C:\Program Files (x86)\InstallShield Installation Information\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}\setup.exe" /runfromtemp /removeonly /s /f1"C:\Program Files (x86)\InstallShield Installation Information\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}\usetup.iss"
Lenovo EasyCamera-->C:\WINDOWS\RtCamU64.exe /u /s
Lenovo Mobile Phone Wireless Import-->"C:\Program Files (x86)\InstallShield Installation Information\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}\setup.exe" -runfromtemp -l0x0409 -removeonly
Lenovo Mobile Phone Wireless Import-->MsiExec.exe /I{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}
Lenovo Motion Control-->"C:\Program Files (x86)\InstallShield Installation Information\{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}\setup.exe" -runfromtemp -l0x0409 -removeonly
Lenovo Motion Control-->MsiExec.exe /X{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}
Lenovo OneKey Recovery-->"C:\Program Files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
Lenovo OneKey Recovery-->"C:\Program Files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
Lenovo PhoneCompanion-->"C:\Program Files (x86)\InstallShield Installation Information\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}\setup.exe" -runfromtemp -l0x0409 -removeonly
Lenovo PhoneCompanion-->MsiExec.exe /I{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}
Lenovo pointing device-->%ProgramFiles%\Elantech\ETDUn_inst.exe
Lenovo PowerDVD10-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall
Lenovo PowerDVD10-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall
Lenovo Settings-->"C:\Program Files (x86)\InstallShield Installation Information\{42F8AFC3-7944-46CC-9689-94FF9869D0A7}\setup.exe" -runfromtemp -l0x0409 -removeonly
Lenovo Settings-->MsiExec.exe /I{42F8AFC3-7944-46CC-9689-94FF9869D0A7}
Lenovo Updates-->"C:\Program Files (x86)\InstallShield Installation Information\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}\setup.exe" -runfromtemp -l0x0409 -removeonly
Lenovo Updates-->MsiExec.exe /I{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}
Magic Transfer-->"C:\Program Files (x86)\InstallShield Installation Information\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}\setup.exe" -runfromtemp -l0x0409 -removeonly
Magic Transfer-->MsiExec.exe /I{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}
Maxthon Cloud Browser-->C:\Program Files (x86)\Maxthon\Bin\Mx3Uninstall.exe
Metric Collection SDK 35-->MsiExec.exe /X{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}
Microsoft .NET Framework 4 Multi-Targeting Pack-->MsiExec.exe /I{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}
Microsoft Access MUI (English) 2013-->MsiExec.exe /X{90150000-0015-0409-1000-0000000FF1CE}
Microsoft Access MUI (Slovak) 2013-->MsiExec.exe /X{90150000-0015-041B-1000-0000000FF1CE}
Microsoft Access Setup Metadata MUI (English) 2013-->MsiExec.exe /X{90150000-0117-0409-1000-0000000FF1CE}
Microsoft DCF MUI (English) 2013-->MsiExec.exe /X{90150000-0090-0409-1000-0000000FF1CE}
Microsoft DCF MUI (Slovak) 2013-->MsiExec.exe /X{90150000-0090-041B-1000-0000000FF1CE}
Microsoft Excel MUI (English) 2013-->MsiExec.exe /X{90150000-0016-0409-1000-0000000FF1CE}
Microsoft Excel MUI (Slovak) 2013-->MsiExec.exe /X{90150000-0016-041B-1000-0000000FF1CE}
Microsoft Groove MUI (English) 2013-->MsiExec.exe /X{90150000-00BA-0409-1000-0000000FF1CE}
Microsoft Groove MUI (Slovak) 2013-->MsiExec.exe /X{90150000-00BA-041B-1000-0000000FF1CE}
Microsoft Help Viewer 1.0-->C:\Program Files\Microsoft Help Viewer\v1.0\Microsoft Help Viewer 1.0\install.exe
Microsoft Help Viewer 1.0-->MsiExec.exe /X{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}
Microsoft InfoPath MUI (English) 2013-->MsiExec.exe /X{90150000-0044-0409-1000-0000000FF1CE}
Microsoft InfoPath MUI (Slovak) 2013-->MsiExec.exe /X{90150000-0044-041B-1000-0000000FF1CE}
Microsoft Lync MUI (English) 2013-->MsiExec.exe /X{90150000-012B-0409-1000-0000000FF1CE}
Microsoft Lync MUI (Slovak) 2013-->MsiExec.exe /X{90150000-012B-041B-1000-0000000FF1CE}
Microsoft Office 32-bit Components 2013-->MsiExec.exe /X{90150000-00C1-0000-1000-0000000FF1CE}
Microsoft Office Korrekturhilfen 2013 - Deutsch-->MsiExec.exe /X{90150000-001F-0407-1000-0000000FF1CE}
Microsoft Office Language Pack 2013 - Slovak/Slovenčina-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\setup.exe" /uninstall OMUI.SK-SK /dll OSETUP.DLL
Microsoft Office Nyelvi ellenőrző eszközök 2013 – magyar-->MsiExec.exe /X{90150000-001F-040E-1000-0000000FF1CE}
Microsoft Office O MUI (Slovak) 2013-->MsiExec.exe /X{90150000-0100-041B-1000-0000000FF1CE}
Microsoft Office OSM MUI (English) 2013-->MsiExec.exe /X{90150000-00E1-0409-1000-0000000FF1CE}
Microsoft Office OSM MUI (Slovak) 2013-->MsiExec.exe /X{90150000-00E1-041B-1000-0000000FF1CE}
Microsoft Office OSM UX MUI (English) 2013-->MsiExec.exe /X{90150000-00E2-0409-1000-0000000FF1CE}
Microsoft Office OSM UX MUI (Slovak) 2013-->MsiExec.exe /X{90150000-00E2-041B-1000-0000000FF1CE}
Microsoft Office Professional Plus 2013-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2013-->MsiExec.exe /X{90150000-0011-0000-1000-0000000FF1CE}
Microsoft Office Proofing (English) 2013-->MsiExec.exe /X{90150000-002C-0409-1000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2013-->MsiExec.exe /X{90150000-002C-041B-1000-0000000FF1CE}
Microsoft Office Proofing Tools 2013 - English-->MsiExec.exe /X{90150000-001F-0409-1000-0000000FF1CE}
Microsoft Office Proofing Tools 2013 - Español-->MsiExec.exe /X{90150000-001F-0C0A-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (English) 2013-->MsiExec.exe /X{90150000-00C1-0409-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Slovak) 2013-->MsiExec.exe /X{90150000-00C1-041B-1000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2013-->MsiExec.exe /X{90150000-006E-0409-1000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2013-->MsiExec.exe /X{90150000-006E-041B-1000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2013-->MsiExec.exe /X{90150000-0115-0409-1000-0000000FF1CE}
Microsoft OneNote MUI (English) 2013-->MsiExec.exe /X{90150000-00A1-0409-1000-0000000FF1CE}
Microsoft OneNote MUI (Slovak) 2013-->MsiExec.exe /X{90150000-00A1-041B-1000-0000000FF1CE}
Microsoft Outlook MUI (English) 2013-->MsiExec.exe /X{90150000-001A-0409-1000-0000000FF1CE}
Microsoft Outlook MUI (Slovak) 2013-->MsiExec.exe /X{90150000-001A-041B-1000-0000000FF1CE}
Microsoft PowerPoint MUI (English) 2013-->MsiExec.exe /X{90150000-0018-0409-1000-0000000FF1CE}
Microsoft PowerPoint MUI (Slovak) 2013-->MsiExec.exe /X{90150000-0018-041B-1000-0000000FF1CE}
Microsoft Publisher MUI (English) 2013-->MsiExec.exe /X{90150000-0019-0409-1000-0000000FF1CE}
Microsoft Publisher MUI (Slovak) 2013-->MsiExec.exe /X{90150000-0019-041B-1000-0000000FF1CE}
Microsoft SharePoint Designer MUI (Slovak) 2013-->MsiExec.exe /X{90150000-0017-041B-1000-0000000FF1CE}
Microsoft SQL Server 2008 (64-bit)-->"c:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x64\SetupARP.exe"
Microsoft SQL Server 2008 (64-bit)-->"c:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x64\SetupARP.exe"
Microsoft SQL Server 2008 Browser-->MsiExec.exe /X{C688457E-03FD-4941-923B-A27F4D42A7DD}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{5340A3B5-3853-4745-BED2-DD9FF5371331}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{FA7394B8-CE65-4F9E-AC99-F372AD365424}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{FBD367D1-642F-47CF-B79B-9BE48FB34007}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{DF167CE3-60E7-44EA-99EC-2507C51F37AE}
Microsoft SQL Server 2008 Native Client-->MsiExec.exe /I{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}
Microsoft SQL Server 2008 RsFx Driver-->MsiExec.exe /I{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}
Microsoft SQL Server 2008 Setup Support Files -->MsiExec.exe /X{B40EE88B-400A-4266-A17B-E3DE64E94431}
Microsoft SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /I{3A9FC03D-C685-4831-94CF-4EDFD3749497}
Microsoft SQL Server Compact 3.5 SP2 x64 ENU-->MsiExec.exe /I{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{0826F9E4-787E-481D-83E0-BC6A57B056D5}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974-->MsiExec.exe /X{B7E38540-E355-3503-AFD7-635B2F2F76E1}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2010 Express - ENU-->D:\Programy\Microsoft Visual\Microsoft Visual C++ 2010 Express - ENU\setup.exe
Microsoft Visual C++ 2010 Express - ENU-->MsiExec.exe /X{46F8CF66-AB83-38A7-99B2-A5BE507EE472}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610-->"C:\ProgramData\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610-->MsiExec.exe /X{764384C5-BCA9-307C-9AAC-FD443662686A}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610-->MsiExec.exe /X{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU-->MsiExec.exe /X{BCA26999-EC22-3007-BB79-638913079C9A}
Microsoft Word MUI (English) 2013-->MsiExec.exe /X{90150000-001B-0409-1000-0000000FF1CE}
Microsoft Word MUI (Slovak) 2013-->MsiExec.exe /X{90150000-001B-041B-1000-0000000FF1CE}
Microsoft X MUI (Slovak) 2013-->MsiExec.exe /X{90150000-0101-041B-1000-0000000FF1CE}
Microsoft Zoo Tycoon-->"D:\Hry\Zoo Tycoon\UNINSTAL.EXE" /runtemp /addremove
Mobile Partner-->C:\Program Files (x86)\Mobile Partner\uninst.exe
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština-->MsiExec.exe /X{90150000-001F-0405-1000-0000000FF1CE}
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina-->MsiExec.exe /X{90150000-001F-041B-1000-0000000FF1CE}
NVIDIA GeForce Experience 1.8.2-->"C:\windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{BB6D4A54-0B06-4D9C-A9C4-E334880E0662}\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Graphics Driver 332.50-->"C:\windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{BB6D4A54-0B06-4D9C-A9C4-E334880E0662}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX System Software 9.13.0927-->"C:\windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{BB6D4A54-0B06-4D9C-A9C4-E334880E0662}\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA PhysX-->MsiExec.exe /I{F0AE9B24-416F-4CAA-8519-75CABCDAC61A}
NVIDIA Virtual Audio 1.2.20-->"C:\windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{BB6D4A54-0B06-4D9C-A9C4-E334880E0662}\NVI2.DLL",UninstallPackage VirtualAudio.Driver
Onekey Theater-->"C:\Program Files (x86)\InstallShield Installation Information\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}\setup.exe" -runfromtemp -l0x0009 -removeonly
OpenVPN 2.3.4-I605 -->D:\Programy\OpenVPN\Uninstall.exe
Outils de vérification linguistique 2013 de Microsoft Office - Français-->MsiExec.exe /X{90150000-001F-040C-1000-0000000FF1CE}
Realtek Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}\setup.exe" -runfromtemp -removeonly
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Rockstar Games Social Club-->C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit)-->"c:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\setup.exe" /Action=RemovePatch /AllInstances
SHAREit-->"C:\Program Files (x86)\Lenovo\SHAREit\unins000.exe"
Sql Server Customer Experience Improvement Program-->MsiExec.exe /I{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}
Steam-->D:\Programy\Steam\uninstall.exe
SUPERAntiSpyware-->"D:\Programy\SUPERAntiSpyware\Uninstall.exe"
TAP-Windows 9.21.0-->C:\Program Files\TAP-Windows\Uninstall.exe
Team Fortress 2-->"D:\Programy\Steam\steam.exe" steam://uninstall/440
TeamViewer 10-->C:\Program Files (x86)\TeamViewer\uninstall.exe
UESDK-->"C:\Program Files (x86)\Lenovo\UESDK\unins000.exe" /VERYSILENT /VERYSILENT
User Manuals-->"C:\Program Files (x86)\InstallShield Installation Information\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}\setup.exe" -runfromtemp -l0x0409 -removeonly
User Manuals-->MsiExec.exe /X{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}
VLC media player-->D:\Programy\VLC\uninstall.exe
Winamp-->"D:\Programy\Winamp\UninstWA.exe"
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34)-->C:\PROGRA~1\DIFX\8C6574~1\DPInst.exe /u C:\windows\System32\DriverStore\FileRepository\acpivpc.inf_amd64_096f446edcbd01f6\acpivpc.inf
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288)-->C:\PROGRA~1\DIFX\8C6574~1\DPInst.exe /u C:\windows\System32\DriverStore\FileRepository\wudfvhidmini.inf_amd64_7d883db511b20660\wudfvhidmini.inf
WinPcap 4.1.1-->C:\Program Files (x86)\WinPcap\uninstall.exe
WinRAR 5.20 (64-bitová verzia)-->D:\Programy\WinRAR\uninstall.exe
Xilinx Design Tools ISE Design Suite System Edition 14.7 (D:\Programy\Xilinx\14.7\ISE_DS)-->D:\Programy\Xilinx\14.7\ISE_DS/.xinstall/bin/nt64/xsetup.exe -uninstall

======System event log======

Computer Name: Richard
Event Code: 10317
Message: Miniport TAP-Win32 Adapter OAS, {4C98FA31-4589-45DE-838C-5073A49B84D1}, had event 76
Record Number: 65
Source Name: Microsoft-Windows-NDIS
Time Written: 20150802183429.786431-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Richard
Event Code: 7023
Message: Služba IP Helper bola ukončená s nasledujúcou chybou:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Record Number: 51
Source Name: Service Control Manager
Time Written: 20150802183322.899020-000
Event Type: Error
User:

Computer Name: Richard
Event Code: 7001
Message: Spustenie služby Windows Defender Mini-Filter Driver, od ktorej závisí služba Windows Defender Network Inspection System Driver, zlyhalo kvôli nasledujúcej chybe:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Record Number: 49
Source Name: Service Control Manager
Time Written: 20150802183320.347693-000
Event Type: Error
User:

Computer Name: Richard
Event Code: 7023
Message: Služba Network List Service bola ukončená s nasledujúcou chybou:
The device is not ready.
Record Number: 48
Source Name: Service Control Manager
Time Written: 20150802183318.582052-000
Event Type: Error
User:

Computer Name: Richard
Event Code: 7022
Message: Služba Network Setup Service sa pri spustení zablokovala.
Record Number: 37
Source Name: Service Control Manager
Time Written: 20150802183255.940721-000
Event Type: Error
User:

=====Application event log=====

Computer Name: Richard
Event Code: 8317
Message: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$SQLEXPRESS\Performance'. SQL Server performance counters are disabled.
Record Number: 36
Source Name: MSSQL$SQLEXPRESS
Time Written: 20150802184931.000000-000
Event Type: Error
User:

Computer Name: Richard
Event Code: 1
Message:
Record Number: 22
Source Name: NvStreamSvc
Time Written: 20150802184901.000000-000
Event Type: Error
User:

Computer Name: Richard
Event Code: 1
Message:
Record Number: 21
Source Name: NvStreamSvc
Time Written: 20150802184901.000000-000
Event Type: Error
User:

Computer Name: Richard
Event Code: 1
Message:
Record Number: 20
Source Name: NvStreamSvc
Time Written: 20150802184901.000000-000
Event Type: Error
User:

Computer Name: Richard
Event Code: 1534
Message: Profile notification of event Create for component {D63AA156-D534-4BAC-9BF1-55359CF5EC30} failed, error code is The system cannot find the path specified.
.


Record Number: 10
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20150802183906.070451-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: Richard
Event Code: 4688
Message: A new process has been created.

Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Process Information:
New Process ID: 0x1d4
New Process Name: C:\Windows\System32\smss.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x180
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:

Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.

Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.

Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.

Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150802183143.937199-000
Event Type: Audit Success
User:

Computer Name: Richard
Event Code: 4688
Message: A new process has been created.

Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Process Information:
New Process ID: 0x1c8
New Process Name: C:\Windows\System32\setupcl.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x180
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:

Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.

Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.

Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.

Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150802183132.229378-000
Event Type: Audit Success
User:

Computer Name: Richard
Event Code: 4688
Message: A new process has been created.

Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Process Information:
New Process ID: 0x18c
New Process Name: C:\Windows\System32\autochk.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x180
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:

Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.

Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.

Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.

Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150802183128.837336-000
Event Type: Audit Success
User:

Computer Name: Richard
Event Code: 4688
Message: A new process has been created.

Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Process Information:
New Process ID: 0x180
New Process Name: C:\Windows\System32\smss.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x4
Creator Process Name:
Process Command Line:

Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.

Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.

Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.

Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150802183128.752893-000
Event Type: Audit Success
User:

Computer Name: Richard
Event Code: 4826
Message: Boot Configuration Data loaded.

Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

General Settings:
Load Options: -
Advanced Options: No
Configuration Access Policy: Default
System Event Logging: No
Kernel Debugging: No
VSM Launch Type: Off

Signature Settings:
Test Signing: No
Flight Signing: No
Disable Integrity Checks: No

HyperVisor Settings:
HyperVisor Load Options: -
HyperVisor Launch Type: Off
HyperVisor Debugging: No
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150802183128.711480-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"NUMBER_OF_PROCESSORS"=8
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=3c03
"FP_NO_HOST_CHECK"=NO
"Path"=C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Lenovo\Motion Control\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;D:\Programy\OpenVPN\bin
"configsetroot"=%SystemRoot%\ConfigSetRoot
"easyplussdk"="C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin"
"VS100COMNTOOLS"=D:\Programy\Microsoft Visual\Common7\Tools\
"ESET_OPTIONS"=

-----------------EOF-----------------