Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Sekajicí se PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Sekajicí se PC
Ahoj, ntb zamrzá někdy i při pouhém otevření průzkumníka, víc jak dvou tabu v prohlížeči, přehraje tak 1-5 minut videa. Disk vyleti na 100%, ale nevidím žádný proces, který by ho tak vytěžoval.
Logfile of random's system information tool 1.16 (written by random/random)
Run by Bea at 2017-09-11 20:11:54
Microsoft Windows 8.1
System drive C: has 437 GB (48%) free of 904 GB
Total RAM: 8058 MB (84% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:58, on 11. 9. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\USB Camera2\VM332STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files\trend micro\Bea_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKUS\S-1-5-21-3294375576-709941325-3428392197-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem9.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: Web Update Wizard Service V4 (WebUpdate4) - Data Perceptions / PowerProgrammer - C:\WINDOWS\SysWOW64\WebUpdateSvc4.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8933 bytes
====== Enumerating Processes ======
C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Sandboxie\SbieSvc.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
C:\WINDOWS\system32\BtwRSupportService.exe
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
C:\WINDOWS\system32\CxAudMsg64.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe"
C:\WINDOWS\SysWOW64\SAsrv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\SysWOW64\WebUpdateSvc4.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-69db3897-c1c1-4f91-bd79-567ae7d7c1bf -SystemEventPortName:HostProcess-5efae471-f675-4667-9691-2a331ee12a93 -IoCancelEventPortName:HostProcess-3830429b-533e-4412-b487-8d800240c4a1 -NonStateChangingEventPortName:HostProcess-42fc1493-614b-4d59-bae6-538c3b28b2eb -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:70d5c643-64ee-4a56-8621-352398f86097 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
C:\WINDOWS\System32\dwm.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\USB Camera2\VM332STI.EXE"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\WINDOWS\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\Bea\Desktop\RSITx64.exe"
====== Scheduled tasks folder ======
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-Beata-Bea - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe /prepare
C:\WINDOWS\system32\tasks\McAfeeLogon - C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe /platui
C:\WINDOWS\system32\tasks\MirageAgent - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program - "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Solution Center Launcher - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe UpdateStatus
C:\WINDOWS\system32\tasks\Lenovo\LSC\Lenovo Solution Center Notifications - C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCHardwareScan - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\WINDOWS\system32\tasks\Lenovo\LSC\RebootCountTask - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -rebootcount
C:\WINDOWS\system32\tasks\Lenovo\LSC\Time72Task - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -canupdate
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3294375576-709941325-3428392197-1002 - "C:\Users\Bea\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe"
C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
=========Mozilla firefox=========
ProfilePath - C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default\addons.json
New Tab Override (WebExtension) - extension - newtaboverride@agenedia.com
Pomocník skrývání prvků pro Adblock Plus - extension - elemhidehelper@adblockplus.org
Firebug - extension - firebug@software.joehewitt.com
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Sage - extension - {a6ca9b3b-5e52-4f47-85d8-cca35bb57596}
Google Image Search - extension - {73007fef-a6e0-47d3-b4e7-dfc116ed6f65}
Resurrect Pages - extension - {0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}
Video DownloadHelper - extension - {b9db16a4-6edc-47ec-a1f4-b86292ed211d}
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781}
C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default\extensions.json
Element Hiding Helper for Adblock Plus - extension - elemhidehelper@adblockplus.org -
BetterPrivacy - extension - {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} -
Video DownloadHelper - extension - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} -
Firebug - extension - firebug@software.joehewitt.com -
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781} -
Google Image Search - extension - {73007fef-a6e0-47d3-b4e7-dfc116ed6f65} -
Resurrect Pages - extension - {0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3} -
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -
Sage - extension - {a6ca9b3b-5e52-4f47-85d8-cca35bb57596} -
Application Update Service Helper - extension - aushelper@mozilla.org -
Multi-process staged rollout - extension - e10srollout@mozilla.org -
Pocket - extension - firefox@getpocket.com -
Web Compat - extension - webcompat@mozilla.org -
Firefox Screenshots - extension - screenshots@mozilla.org -
Click-to-Play staged rollout - extension - clicktoplay-rollout@mozilla.org -
Follow-on Search Telemetry - extension - followonsearch@mozilla.com -
Shield Recipe Client - extension - shield-recipe-client@mozilla.org -
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} -
New Tab Override - webextension - newtaboverride@agenedia.com -
C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default\pluginreg.dat
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={C4E61C37-7089-49BE-A539-C18722C5D7BD}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={C4E61C37-7089-49BE-A539-C18722C5D7BD}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-08 2864016]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-23 1793736]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2010-11-03 1580368]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2015-08-27 395168]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-07-24 903384]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-10-20 17080376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-10-20 191544]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2017-06-05 799368]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"332BigDog"=C:\Program Files (x86)\USB Camera2\VM332STI.EXE [2012-03-20 548864]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-07-13 2407008]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfemms]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-09-11 07:05:24 ----D---- C:\WINDOWS\Minidump
2017-09-10 19:35:49 ----D---- C:\rsit
2017-09-10 17:41:49 ----D---- C:\Users\Bea\AppData\Roaming\vlc
2017-09-06 09:39:16 ----D---- C:\Program Files (x86)\Xvid
2017-09-06 09:39:16 ----A---- C:\WINDOWS\SYSWOW64\xvidvfw.dll
2017-09-06 09:39:16 ----A---- C:\WINDOWS\SYSWOW64\xvidcore.dll
2017-09-06 09:39:16 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2017-09-06 09:39:16 ----A---- C:\WINDOWS\system32\xvidcore.dll
2017-08-30 09:00:14 ----RD---- C:\Sandbox
2017-08-30 08:58:36 ----A---- C:\WINDOWS\Sandboxie.ini
2017-08-30 08:58:01 ----D---- C:\Program Files\Sandboxie
2017-08-14 08:34:57 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-08-14 08:34:56 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-08-14 08:34:55 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-08-14 08:34:54 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-08-14 08:34:54 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msrepl40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msjtes40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msjetoledb40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\system32\win32k.sys
2017-08-14 08:34:51 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-14 08:34:51 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\msxbde40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\mstext40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\mspbde40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\system32\authui.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\system32\wlansvc.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\system32\tquery.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\system32\termsrv.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\system32\mprapi.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\system32\dnsapi.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\SYSWOW64\mprapi.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\umrdp.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\SessEnv.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\rastls.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2017-08-14 08:34:46 ----AC---- C:\WINDOWS\system32\drivers\msiscsi.sys
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\wlansec.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\mswdat10.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\msjter40.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\system32\wer.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-08-14 08:34:45 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\volmgrx.sys
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2017-08-14 08:34:44 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2017-08-14 08:34:44 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\wlanapi.dll
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\winresume.exe
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\jscript.dll
2017-08-14 08:34:43 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-08-14 08:34:43 ----A---- C:\WINDOWS\system32\winload.exe
2017-08-14 08:34:43 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2017-08-14 08:34:41 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2017-08-14 08:34:41 ----A---- C:\WINDOWS\system32\wfdprov.dll
2017-08-14 08:34:41 ----A---- C:\WINDOWS\system32\ProximityService.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\wlansec.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\wininet.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\certcli.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\system32\ieapfltr.dll
====== List of files/folders modified in the last 1 month ======
2017-09-11 20:11:57 ----D---- C:\Program Files\trend micro
2017-09-11 20:02:33 ----D---- C:\WINDOWS\system32\sru
2017-09-11 08:46:20 ----D---- C:\WINDOWS\Temp
2017-09-11 08:40:33 ----D---- C:\WINDOWS\Microsoft.NET
2017-09-11 07:10:24 ----D---- C:\WINDOWS\Prefetch
2017-09-11 07:08:08 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-09-11 07:05:24 ----D---- C:\Windows
2017-09-11 07:00:06 ----D---- C:\WINDOWS\SoftwareDistribution
2017-09-10 17:27:34 ----D---- C:\Users\Bea\AppData\Roaming\Mozilla
2017-09-10 14:22:09 ----D---- C:\Users\Bea\AppData\Roaming\Thunderbird
2017-09-10 10:45:40 ----SHD---- C:\System Volume Information
2017-09-10 07:28:16 ----D---- C:\Program Files\Mozilla Firefox
2017-09-10 07:28:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-10 06:58:15 ----D---- C:\WINDOWS\Inf
2017-09-10 06:58:13 ----D---- C:\WINDOWS\debug
2017-09-06 15:39:13 ----D---- C:\Users\Bea\AppData\Roaming\Macromedia
2017-09-06 09:39:20 ----RD---- C:\WINDOWS\System32
2017-09-06 09:39:17 ----D---- C:\WINDOWS\SysWOW64
2017-09-06 09:39:16 ----RD---- C:\Program Files (x86)
2017-09-04 19:39:43 ----SHD---- C:\WINDOWS\Installer
2017-09-03 07:09:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-31 05:12:31 ----D---- C:\WINDOWS\system32\config
2017-08-30 08:58:01 ----RD---- C:\Program Files
2017-08-27 18:44:08 ----D---- C:\ProgramData\StockSubmitterCore
2017-08-23 19:36:34 ----D---- C:\WINDOWS\WinSxS
2017-08-23 19:30:38 ----D---- C:\WINDOWS\system32\catroot2
2017-08-23 19:22:39 ----D---- C:\WINDOWS\system32\DriverStore
2017-08-16 09:48:36 ----D---- C:\A_komercni mimo FTB
2017-08-15 08:37:21 ----D---- C:\WINDOWS\rescache
2017-08-14 22:54:39 ----D---- C:\WINDOWS\system32\drivers
2017-08-14 22:54:39 ----D---- C:\WINDOWS\system32\Boot
2017-08-14 08:55:03 ----D---- C:\WINDOWS\CbsTemp
2017-08-14 08:53:49 ----D---- C:\WINDOWS\system32\MRT
2017-08-14 08:52:26 ----AC---- C:\WINDOWS\system32\MRT.exe
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2012-10-20 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-02-23 31560]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-11-21 157016]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2017-06-01 71680]
R3 ACPIVPC;@oem11.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2012-10-20 33560]
R3 bcbtums;@oem9.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2012-08-26 164152]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 – ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 CnxtHdAudService;@oem33.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2013-07-10 1299648]
R3 ETD;@oem3.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-08-07 311632]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-08-27 3797424]
R3 IntcDAud;@oem30.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem19.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-02-23 13045960]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2017-06-05 207496]
R3 vm332avs;@oem10.inf,%USBCamera.DeviceDesc2%;Lenovo Camera2; C:\WINDOWS\System32\Drivers\vm332avs.sys [2012-08-25 981112]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2017-06-01 38912]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2014-11-21 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2017-06-01 1201664]
S3 dot4;@oem15.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem18.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2015-03-23 21928]
S3 dot4usb;@oem15.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2016-08-02 216704]
S3 intaud_WaveExtensible;@oem31.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 mfeaack;McAfee Inc. mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [2016-08-02 419624]
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2016-08-01 100136]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2017-06-01 167424]
S3 RSUSBVSTOR;@oem23.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-15 315536]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2017-06-01 78848]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-07-13 814688]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-05-18 2246256]
R2 BcmBtRSupport;@oem9.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service; C:\WINDOWS\system32\BtwRSupportService.exe [2012-08-26 2252600]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2012-08-27 953720]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-08-27 330136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-02-04 934216]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-07-31 1258856]
R2 PEFService;Intel Security PEF Service; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2016-05-25 1045336]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2017-06-05 198792]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 WebUpdate4;Web Update Wizard Service V4; C:\WINDOWS\SysWOW64\WebUpdateSvc4.exe [2013-11-25 412776]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll" = %SystemRoot%\System32\BthHFSrv.dll
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-08-27 291744]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2017-02-14 273216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-09-03 194000]
-----------------EOF-----------------
Logfile of random's system information tool 1.16 (written by random/random)
Run by Bea at 2017-09-11 20:11:54
Microsoft Windows 8.1
System drive C: has 437 GB (48%) free of 904 GB
Total RAM: 8058 MB (84% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:58, on 11. 9. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\USB Camera2\VM332STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files\trend micro\Bea_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKUS\S-1-5-21-3294375576-709941325-3428392197-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem9.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: Web Update Wizard Service V4 (WebUpdate4) - Data Perceptions / PowerProgrammer - C:\WINDOWS\SysWOW64\WebUpdateSvc4.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8933 bytes
====== Enumerating Processes ======
C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Sandboxie\SbieSvc.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
C:\WINDOWS\system32\BtwRSupportService.exe
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
C:\WINDOWS\system32\CxAudMsg64.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe"
C:\WINDOWS\SysWOW64\SAsrv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\SysWOW64\WebUpdateSvc4.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-69db3897-c1c1-4f91-bd79-567ae7d7c1bf -SystemEventPortName:HostProcess-5efae471-f675-4667-9691-2a331ee12a93 -IoCancelEventPortName:HostProcess-3830429b-533e-4412-b487-8d800240c4a1 -NonStateChangingEventPortName:HostProcess-42fc1493-614b-4d59-bae6-538c3b28b2eb -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:70d5c643-64ee-4a56-8621-352398f86097 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
C:\WINDOWS\System32\dwm.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\USB Camera2\VM332STI.EXE"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\WINDOWS\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\Bea\Desktop\RSITx64.exe"
====== Scheduled tasks folder ======
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-Beata-Bea - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe /prepare
C:\WINDOWS\system32\tasks\McAfeeLogon - C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe /platui
C:\WINDOWS\system32\tasks\MirageAgent - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program - "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Solution Center Launcher - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe UpdateStatus
C:\WINDOWS\system32\tasks\Lenovo\LSC\Lenovo Solution Center Notifications - C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCHardwareScan - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\WINDOWS\system32\tasks\Lenovo\LSC\RebootCountTask - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -rebootcount
C:\WINDOWS\system32\tasks\Lenovo\LSC\Time72Task - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -canupdate
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3294375576-709941325-3428392197-1002 - "C:\Users\Bea\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe"
C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
=========Mozilla firefox=========
ProfilePath - C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default\addons.json
New Tab Override (WebExtension) - extension - newtaboverride@agenedia.com
Pomocník skrývání prvků pro Adblock Plus - extension - elemhidehelper@adblockplus.org
Firebug - extension - firebug@software.joehewitt.com
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Sage - extension - {a6ca9b3b-5e52-4f47-85d8-cca35bb57596}
Google Image Search - extension - {73007fef-a6e0-47d3-b4e7-dfc116ed6f65}
Resurrect Pages - extension - {0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}
Video DownloadHelper - extension - {b9db16a4-6edc-47ec-a1f4-b86292ed211d}
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781}
C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default\extensions.json
Element Hiding Helper for Adblock Plus - extension - elemhidehelper@adblockplus.org -
BetterPrivacy - extension - {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} -
Video DownloadHelper - extension - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} -
Firebug - extension - firebug@software.joehewitt.com -
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781} -
Google Image Search - extension - {73007fef-a6e0-47d3-b4e7-dfc116ed6f65} -
Resurrect Pages - extension - {0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3} -
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -
Sage - extension - {a6ca9b3b-5e52-4f47-85d8-cca35bb57596} -
Application Update Service Helper - extension - aushelper@mozilla.org -
Multi-process staged rollout - extension - e10srollout@mozilla.org -
Pocket - extension - firefox@getpocket.com -
Web Compat - extension - webcompat@mozilla.org -
Firefox Screenshots - extension - screenshots@mozilla.org -
Click-to-Play staged rollout - extension - clicktoplay-rollout@mozilla.org -
Follow-on Search Telemetry - extension - followonsearch@mozilla.com -
Shield Recipe Client - extension - shield-recipe-client@mozilla.org -
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} -
New Tab Override - webextension - newtaboverride@agenedia.com -
C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default\pluginreg.dat
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={C4E61C37-7089-49BE-A539-C18722C5D7BD}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={C4E61C37-7089-49BE-A539-C18722C5D7BD}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-08 2864016]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-23 1793736]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2010-11-03 1580368]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2015-08-27 395168]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-07-24 903384]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-10-20 17080376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-10-20 191544]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2017-06-05 799368]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"332BigDog"=C:\Program Files (x86)\USB Camera2\VM332STI.EXE [2012-03-20 548864]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-07-13 2407008]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfemms]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-09-11 07:05:24 ----D---- C:\WINDOWS\Minidump
2017-09-10 19:35:49 ----D---- C:\rsit
2017-09-10 17:41:49 ----D---- C:\Users\Bea\AppData\Roaming\vlc
2017-09-06 09:39:16 ----D---- C:\Program Files (x86)\Xvid
2017-09-06 09:39:16 ----A---- C:\WINDOWS\SYSWOW64\xvidvfw.dll
2017-09-06 09:39:16 ----A---- C:\WINDOWS\SYSWOW64\xvidcore.dll
2017-09-06 09:39:16 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2017-09-06 09:39:16 ----A---- C:\WINDOWS\system32\xvidcore.dll
2017-08-30 09:00:14 ----RD---- C:\Sandbox
2017-08-30 08:58:36 ----A---- C:\WINDOWS\Sandboxie.ini
2017-08-30 08:58:01 ----D---- C:\Program Files\Sandboxie
2017-08-14 08:34:57 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-08-14 08:34:56 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-08-14 08:34:55 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-08-14 08:34:54 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-08-14 08:34:54 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msrepl40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msjtes40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msjetoledb40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\system32\win32k.sys
2017-08-14 08:34:51 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-14 08:34:51 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\msxbde40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\mstext40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\mspbde40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\system32\authui.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\system32\wlansvc.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\system32\tquery.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\system32\termsrv.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\system32\mprapi.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\system32\dnsapi.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\SYSWOW64\mprapi.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\umrdp.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\SessEnv.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\rastls.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2017-08-14 08:34:46 ----AC---- C:\WINDOWS\system32\drivers\msiscsi.sys
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\wlansec.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\mswdat10.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\msjter40.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\system32\wer.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-08-14 08:34:45 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\volmgrx.sys
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2017-08-14 08:34:44 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2017-08-14 08:34:44 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\wlanapi.dll
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\winresume.exe
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\jscript.dll
2017-08-14 08:34:43 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-08-14 08:34:43 ----A---- C:\WINDOWS\system32\winload.exe
2017-08-14 08:34:43 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2017-08-14 08:34:41 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2017-08-14 08:34:41 ----A---- C:\WINDOWS\system32\wfdprov.dll
2017-08-14 08:34:41 ----A---- C:\WINDOWS\system32\ProximityService.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\wlansec.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\wininet.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\certcli.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\system32\ieapfltr.dll
====== List of files/folders modified in the last 1 month ======
2017-09-11 20:11:57 ----D---- C:\Program Files\trend micro
2017-09-11 20:02:33 ----D---- C:\WINDOWS\system32\sru
2017-09-11 08:46:20 ----D---- C:\WINDOWS\Temp
2017-09-11 08:40:33 ----D---- C:\WINDOWS\Microsoft.NET
2017-09-11 07:10:24 ----D---- C:\WINDOWS\Prefetch
2017-09-11 07:08:08 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-09-11 07:05:24 ----D---- C:\Windows
2017-09-11 07:00:06 ----D---- C:\WINDOWS\SoftwareDistribution
2017-09-10 17:27:34 ----D---- C:\Users\Bea\AppData\Roaming\Mozilla
2017-09-10 14:22:09 ----D---- C:\Users\Bea\AppData\Roaming\Thunderbird
2017-09-10 10:45:40 ----SHD---- C:\System Volume Information
2017-09-10 07:28:16 ----D---- C:\Program Files\Mozilla Firefox
2017-09-10 07:28:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-10 06:58:15 ----D---- C:\WINDOWS\Inf
2017-09-10 06:58:13 ----D---- C:\WINDOWS\debug
2017-09-06 15:39:13 ----D---- C:\Users\Bea\AppData\Roaming\Macromedia
2017-09-06 09:39:20 ----RD---- C:\WINDOWS\System32
2017-09-06 09:39:17 ----D---- C:\WINDOWS\SysWOW64
2017-09-06 09:39:16 ----RD---- C:\Program Files (x86)
2017-09-04 19:39:43 ----SHD---- C:\WINDOWS\Installer
2017-09-03 07:09:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-31 05:12:31 ----D---- C:\WINDOWS\system32\config
2017-08-30 08:58:01 ----RD---- C:\Program Files
2017-08-27 18:44:08 ----D---- C:\ProgramData\StockSubmitterCore
2017-08-23 19:36:34 ----D---- C:\WINDOWS\WinSxS
2017-08-23 19:30:38 ----D---- C:\WINDOWS\system32\catroot2
2017-08-23 19:22:39 ----D---- C:\WINDOWS\system32\DriverStore
2017-08-16 09:48:36 ----D---- C:\A_komercni mimo FTB
2017-08-15 08:37:21 ----D---- C:\WINDOWS\rescache
2017-08-14 22:54:39 ----D---- C:\WINDOWS\system32\drivers
2017-08-14 22:54:39 ----D---- C:\WINDOWS\system32\Boot
2017-08-14 08:55:03 ----D---- C:\WINDOWS\CbsTemp
2017-08-14 08:53:49 ----D---- C:\WINDOWS\system32\MRT
2017-08-14 08:52:26 ----AC---- C:\WINDOWS\system32\MRT.exe
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2012-10-20 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-02-23 31560]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-11-21 157016]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2017-06-01 71680]
R3 ACPIVPC;@oem11.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2012-10-20 33560]
R3 bcbtums;@oem9.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2012-08-26 164152]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 – ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 CnxtHdAudService;@oem33.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2013-07-10 1299648]
R3 ETD;@oem3.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-08-07 311632]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-08-27 3797424]
R3 IntcDAud;@oem30.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem19.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-02-23 13045960]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2017-06-05 207496]
R3 vm332avs;@oem10.inf,%USBCamera.DeviceDesc2%;Lenovo Camera2; C:\WINDOWS\System32\Drivers\vm332avs.sys [2012-08-25 981112]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2017-06-01 38912]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2014-11-21 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2017-06-01 1201664]
S3 dot4;@oem15.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem18.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2015-03-23 21928]
S3 dot4usb;@oem15.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2016-08-02 216704]
S3 intaud_WaveExtensible;@oem31.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 mfeaack;McAfee Inc. mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [2016-08-02 419624]
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2016-08-01 100136]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2017-06-01 167424]
S3 RSUSBVSTOR;@oem23.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-15 315536]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2017-06-01 78848]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-07-13 814688]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-05-18 2246256]
R2 BcmBtRSupport;@oem9.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service; C:\WINDOWS\system32\BtwRSupportService.exe [2012-08-26 2252600]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2012-08-27 953720]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-08-27 330136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-02-04 934216]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-07-31 1258856]
R2 PEFService;Intel Security PEF Service; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2016-05-25 1045336]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2017-06-05 198792]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 WebUpdate4;Web Update Wizard Service V4; C:\WINDOWS\SysWOW64\WebUpdateSvc4.exe [2013-11-25 412776]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll" = %SystemRoot%\System32\BthHFSrv.dll
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-08-27 291744]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2017-02-14 273216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-09-03 194000]
-----------------EOF-----------------
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Sekajicí se PC
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Sekajicí se PC
# AdwCleaner 7.0.2.1 - Logfile created on Mon Sep 11 19:11:32 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 8.1 (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
No malicious registry entries deleted.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [941 B] - [2017/9/11 19:11:9]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 8.1 (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
No malicious registry entries deleted.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [941 B] - [2017/9/11 19:11:9]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Sekajicí se PC
Toto je OK. Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Sekajicí se PC
Logfile of random's system information tool 1.16 (written by random/random)
Run by Bea at 2017-09-11 22:35:18
Microsoft Windows 8.1
System drive C: has 438 GB (48%) free of 904 GB
Total RAM: 8058 MB (81% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:35:21, on 11. 9. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\USB Camera2\VM332STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\trend micro\Bea_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKUS\S-1-5-21-3294375576-709941325-3428392197-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem9.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: Web Update Wizard Service V4 (WebUpdate4) - Data Perceptions / PowerProgrammer - C:\WINDOWS\SysWOW64\WebUpdateSvc4.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8995 bytes
====== Enumerating Processes ======
C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\dwm.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Sandboxie\SbieSvc.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
C:\WINDOWS\system32\BtwRSupportService.exe
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
C:\WINDOWS\system32\CxAudMsg64.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe"
C:\WINDOWS\SysWOW64\SAsrv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\SysWOW64\WebUpdateSvc4.exe
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a7a86ff2-34c7-4f33-ab69-bdd3a0cda2ce -SystemEventPortName:HostProcess-dca16269-eb01-44d6-95ec-e83b02817530 -IoCancelEventPortName:HostProcess-fd5821cc-67c0-4474-a084-e477ff050c34 -NonStateChangingEventPortName:HostProcess-98cb3dac-2a0b-42cc-8e2f-2bcf9a9c5124 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e3d4cf4f-1e23-4a25-aaf2-cdc1716b8d77 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files (x86)\USB Camera2\VM332STI.EXE"
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\WINDOWS\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Users\Bea\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Bea\Desktop\RSITx64.exe"
====== Scheduled tasks folder ======
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-Beata-Bea - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe /prepare
C:\WINDOWS\system32\tasks\McAfeeLogon - C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe /platui
C:\WINDOWS\system32\tasks\MirageAgent - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program - "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Solution Center Launcher - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe UpdateStatus
C:\WINDOWS\system32\tasks\Lenovo\LSC\Lenovo Solution Center Notifications - C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCHardwareScan - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\WINDOWS\system32\tasks\Lenovo\LSC\RebootCountTask - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -rebootcount
C:\WINDOWS\system32\tasks\Lenovo\LSC\Time72Task - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -canupdate
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3294375576-709941325-3428392197-1002 - "C:\Users\Bea\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe"
C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
=========Mozilla firefox=========
ProfilePath - C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default\addons.json
New Tab Override (WebExtension) - extension - newtaboverride@agenedia.com
Pomocník skrývání prvků pro Adblock Plus - extension - elemhidehelper@adblockplus.org
Firebug - extension - firebug@software.joehewitt.com
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Sage - extension - {a6ca9b3b-5e52-4f47-85d8-cca35bb57596}
Google Image Search - extension - {73007fef-a6e0-47d3-b4e7-dfc116ed6f65}
Resurrect Pages - extension - {0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}
Video DownloadHelper - extension - {b9db16a4-6edc-47ec-a1f4-b86292ed211d}
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781}
C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default\extensions.json
Element Hiding Helper for Adblock Plus - extension - elemhidehelper@adblockplus.org -
BetterPrivacy - extension - {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} -
Video DownloadHelper - extension - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} -
Firebug - extension - firebug@software.joehewitt.com -
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781} -
Google Image Search - extension - {73007fef-a6e0-47d3-b4e7-dfc116ed6f65} -
Resurrect Pages - extension - {0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3} -
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -
Sage - extension - {a6ca9b3b-5e52-4f47-85d8-cca35bb57596} -
Application Update Service Helper - extension - aushelper@mozilla.org -
Multi-process staged rollout - extension - e10srollout@mozilla.org -
Pocket - extension - firefox@getpocket.com -
Web Compat - extension - webcompat@mozilla.org -
Firefox Screenshots - extension - screenshots@mozilla.org -
Click-to-Play staged rollout - extension - clicktoplay-rollout@mozilla.org -
Follow-on Search Telemetry - extension - followonsearch@mozilla.com -
Shield Recipe Client - extension - shield-recipe-client@mozilla.org -
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} -
New Tab Override - webextension - newtaboverride@agenedia.com -
C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default\pluginreg.dat
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={C4E61C37-7089-49BE-A539-C18722C5D7BD}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={C4E61C37-7089-49BE-A539-C18722C5D7BD}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-08 2864016]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-23 1793736]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2010-11-03 1580368]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2015-08-27 395168]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-07-24 903384]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-10-20 17080376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-10-20 191544]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2017-06-05 799368]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"332BigDog"=C:\Program Files (x86)\USB Camera2\VM332STI.EXE [2012-03-20 548864]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-07-13 2407008]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfemms]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-09-11 22:20:46 ----D---- C:\_OTM
2017-09-11 21:09:59 ----D---- C:\AdwCleaner
2017-09-11 07:05:24 ----D---- C:\WINDOWS\Minidump
2017-09-10 19:35:49 ----D---- C:\rsit
2017-09-10 17:41:49 ----D---- C:\Users\Bea\AppData\Roaming\vlc
2017-09-06 09:39:16 ----D---- C:\Program Files (x86)\Xvid
2017-09-06 09:39:16 ----A---- C:\WINDOWS\SYSWOW64\xvidvfw.dll
2017-09-06 09:39:16 ----A---- C:\WINDOWS\SYSWOW64\xvidcore.dll
2017-09-06 09:39:16 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2017-09-06 09:39:16 ----A---- C:\WINDOWS\system32\xvidcore.dll
2017-08-30 09:00:14 ----RD---- C:\Sandbox
2017-08-30 08:58:36 ----A---- C:\WINDOWS\Sandboxie.ini
2017-08-30 08:58:01 ----D---- C:\Program Files\Sandboxie
2017-08-14 08:34:57 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-08-14 08:34:56 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-08-14 08:34:55 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-08-14 08:34:54 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-08-14 08:34:54 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msrepl40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msjtes40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msjetoledb40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\system32\win32k.sys
2017-08-14 08:34:51 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-14 08:34:51 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\msxbde40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\mstext40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\mspbde40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\system32\authui.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\system32\wlansvc.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\system32\tquery.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\system32\termsrv.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\system32\mprapi.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\system32\dnsapi.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\SYSWOW64\mprapi.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\umrdp.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\SessEnv.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\rastls.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2017-08-14 08:34:46 ----AC---- C:\WINDOWS\system32\drivers\msiscsi.sys
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\wlansec.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\mswdat10.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\msjter40.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\system32\wer.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-08-14 08:34:45 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\volmgrx.sys
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2017-08-14 08:34:44 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2017-08-14 08:34:44 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\wlanapi.dll
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\winresume.exe
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\jscript.dll
2017-08-14 08:34:43 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-08-14 08:34:43 ----A---- C:\WINDOWS\system32\winload.exe
2017-08-14 08:34:43 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2017-08-14 08:34:41 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2017-08-14 08:34:41 ----A---- C:\WINDOWS\system32\wfdprov.dll
2017-08-14 08:34:41 ----A---- C:\WINDOWS\system32\ProximityService.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\wlansec.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\wininet.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\certcli.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\system32\ieapfltr.dll
====== List of files/folders modified in the last 1 month ======
2017-09-11 22:35:20 ----D---- C:\Program Files\trend micro
2017-09-11 22:35:03 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-09-11 22:34:01 ----D---- C:\WINDOWS\Prefetch
2017-09-11 22:32:51 ----D---- C:\WINDOWS\Temp
2017-09-11 21:33:30 ----D---- C:\WINDOWS\Microsoft.NET
2017-09-11 21:33:10 ----SHD---- C:\System Volume Information
2017-09-11 21:02:04 ----D---- C:\WINDOWS\system32\sru
2017-09-11 20:58:01 ----D---- C:\Windows
2017-09-11 07:00:06 ----D---- C:\WINDOWS\SoftwareDistribution
2017-09-10 17:27:34 ----D---- C:\Users\Bea\AppData\Roaming\Mozilla
2017-09-10 14:22:09 ----D---- C:\Users\Bea\AppData\Roaming\Thunderbird
2017-09-10 07:28:16 ----D---- C:\Program Files\Mozilla Firefox
2017-09-10 07:28:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-10 06:58:15 ----D---- C:\WINDOWS\Inf
2017-09-10 06:58:13 ----D---- C:\WINDOWS\debug
2017-09-06 15:39:13 ----D---- C:\Users\Bea\AppData\Roaming\Macromedia
2017-09-06 09:39:20 ----RD---- C:\WINDOWS\System32
2017-09-06 09:39:17 ----D---- C:\WINDOWS\SysWOW64
2017-09-06 09:39:16 ----RD---- C:\Program Files (x86)
2017-09-04 19:39:43 ----SHD---- C:\WINDOWS\Installer
2017-09-03 07:09:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-31 05:12:31 ----D---- C:\WINDOWS\system32\config
2017-08-30 08:58:01 ----RD---- C:\Program Files
2017-08-27 18:44:08 ----D---- C:\ProgramData\StockSubmitterCore
2017-08-23 19:36:34 ----D---- C:\WINDOWS\WinSxS
2017-08-23 19:30:38 ----D---- C:\WINDOWS\system32\catroot2
2017-08-23 19:22:39 ----D---- C:\WINDOWS\system32\DriverStore
2017-08-16 09:48:36 ----D---- C:\A_komercni mimo FTB
2017-08-15 08:37:21 ----D---- C:\WINDOWS\rescache
2017-08-14 22:54:39 ----D---- C:\WINDOWS\system32\drivers
2017-08-14 22:54:39 ----D---- C:\WINDOWS\system32\Boot
2017-08-14 08:55:03 ----D---- C:\WINDOWS\CbsTemp
2017-08-14 08:53:49 ----D---- C:\WINDOWS\system32\MRT
2017-08-14 08:52:26 ----AC---- C:\WINDOWS\system32\MRT.exe
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2012-10-20 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-02-23 31560]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-11-21 157016]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2017-06-01 71680]
R3 ACPIVPC;@oem11.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2012-10-20 33560]
R3 bcbtums;@oem9.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2012-08-26 164152]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 – ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 CnxtHdAudService;@oem33.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2013-07-10 1299648]
R3 ETD;@oem3.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-08-07 311632]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-08-27 3797424]
R3 IntcDAud;@oem30.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem19.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-02-23 13045960]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2017-06-05 207496]
R3 vm332avs;@oem10.inf,%USBCamera.DeviceDesc2%;Lenovo Camera2; C:\WINDOWS\System32\Drivers\vm332avs.sys [2012-08-25 981112]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2017-06-01 38912]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2014-11-21 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2017-06-01 1201664]
S3 dot4;@oem15.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem18.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2015-03-23 21928]
S3 dot4usb;@oem15.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2016-08-02 216704]
S3 intaud_WaveExtensible;@oem31.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 mfeaack;McAfee Inc. mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [2016-08-02 419624]
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2016-08-01 100136]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2017-06-01 167424]
S3 RSUSBVSTOR;@oem23.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-15 315536]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2017-06-01 78848]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-07-13 814688]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-05-18 2246256]
R2 BcmBtRSupport;@oem9.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service; C:\WINDOWS\system32\BtwRSupportService.exe [2012-08-26 2252600]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2012-08-27 953720]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-08-27 330136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-02-04 934216]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-07-31 1258856]
R2 PEFService;Intel Security PEF Service; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2016-05-25 1045336]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2017-06-05 198792]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 WebUpdate4;Web Update Wizard Service V4; C:\WINDOWS\SysWOW64\WebUpdateSvc4.exe [2013-11-25 412776]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll" = %SystemRoot%\System32\BthHFSrv.dll
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-08-27 291744]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2017-02-14 273216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-09-03 194000]
-----------------EOF-----------------
Run by Bea at 2017-09-11 22:35:18
Microsoft Windows 8.1
System drive C: has 438 GB (48%) free of 904 GB
Total RAM: 8058 MB (81% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:35:21, on 11. 9. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\USB Camera2\VM332STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\trend micro\Bea_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKUS\S-1-5-21-3294375576-709941325-3428392197-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem9.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: Web Update Wizard Service V4 (WebUpdate4) - Data Perceptions / PowerProgrammer - C:\WINDOWS\SysWOW64\WebUpdateSvc4.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8995 bytes
====== Enumerating Processes ======
C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\dwm.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Sandboxie\SbieSvc.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
C:\WINDOWS\system32\BtwRSupportService.exe
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
C:\WINDOWS\system32\CxAudMsg64.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe"
C:\WINDOWS\SysWOW64\SAsrv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\SysWOW64\WebUpdateSvc4.exe
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a7a86ff2-34c7-4f33-ab69-bdd3a0cda2ce -SystemEventPortName:HostProcess-dca16269-eb01-44d6-95ec-e83b02817530 -IoCancelEventPortName:HostProcess-fd5821cc-67c0-4474-a084-e477ff050c34 -NonStateChangingEventPortName:HostProcess-98cb3dac-2a0b-42cc-8e2f-2bcf9a9c5124 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e3d4cf4f-1e23-4a25-aaf2-cdc1716b8d77 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files (x86)\USB Camera2\VM332STI.EXE"
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\WINDOWS\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Users\Bea\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Bea\Desktop\RSITx64.exe"
====== Scheduled tasks folder ======
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-Beata-Bea - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe /prepare
C:\WINDOWS\system32\tasks\McAfeeLogon - C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe /platui
C:\WINDOWS\system32\tasks\MirageAgent - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program - "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Solution Center Launcher - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe UpdateStatus
C:\WINDOWS\system32\tasks\Lenovo\LSC\Lenovo Solution Center Notifications - C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCHardwareScan - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\WINDOWS\system32\tasks\Lenovo\LSC\RebootCountTask - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -rebootcount
C:\WINDOWS\system32\tasks\Lenovo\LSC\Time72Task - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -canupdate
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3294375576-709941325-3428392197-1002 - "C:\Users\Bea\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe"
C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
=========Mozilla firefox=========
ProfilePath - C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default\addons.json
New Tab Override (WebExtension) - extension - newtaboverride@agenedia.com
Pomocník skrývání prvků pro Adblock Plus - extension - elemhidehelper@adblockplus.org
Firebug - extension - firebug@software.joehewitt.com
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Sage - extension - {a6ca9b3b-5e52-4f47-85d8-cca35bb57596}
Google Image Search - extension - {73007fef-a6e0-47d3-b4e7-dfc116ed6f65}
Resurrect Pages - extension - {0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}
Video DownloadHelper - extension - {b9db16a4-6edc-47ec-a1f4-b86292ed211d}
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781}
C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default\extensions.json
Element Hiding Helper for Adblock Plus - extension - elemhidehelper@adblockplus.org -
BetterPrivacy - extension - {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} -
Video DownloadHelper - extension - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} -
Firebug - extension - firebug@software.joehewitt.com -
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781} -
Google Image Search - extension - {73007fef-a6e0-47d3-b4e7-dfc116ed6f65} -
Resurrect Pages - extension - {0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3} -
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -
Sage - extension - {a6ca9b3b-5e52-4f47-85d8-cca35bb57596} -
Application Update Service Helper - extension - aushelper@mozilla.org -
Multi-process staged rollout - extension - e10srollout@mozilla.org -
Pocket - extension - firefox@getpocket.com -
Web Compat - extension - webcompat@mozilla.org -
Firefox Screenshots - extension - screenshots@mozilla.org -
Click-to-Play staged rollout - extension - clicktoplay-rollout@mozilla.org -
Follow-on Search Telemetry - extension - followonsearch@mozilla.com -
Shield Recipe Client - extension - shield-recipe-client@mozilla.org -
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} -
New Tab Override - webextension - newtaboverride@agenedia.com -
C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\sjlcr5d4.default\pluginreg.dat
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={C4E61C37-7089-49BE-A539-C18722C5D7BD}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={C4E61C37-7089-49BE-A539-C18722C5D7BD}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-08 2864016]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-23 1793736]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2010-11-03 1580368]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2015-08-27 395168]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-07-24 903384]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-10-20 17080376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-10-20 191544]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2017-06-05 799368]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"332BigDog"=C:\Program Files (x86)\USB Camera2\VM332STI.EXE [2012-03-20 548864]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-07-13 2407008]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfemms]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-09-11 22:20:46 ----D---- C:\_OTM
2017-09-11 21:09:59 ----D---- C:\AdwCleaner
2017-09-11 07:05:24 ----D---- C:\WINDOWS\Minidump
2017-09-10 19:35:49 ----D---- C:\rsit
2017-09-10 17:41:49 ----D---- C:\Users\Bea\AppData\Roaming\vlc
2017-09-06 09:39:16 ----D---- C:\Program Files (x86)\Xvid
2017-09-06 09:39:16 ----A---- C:\WINDOWS\SYSWOW64\xvidvfw.dll
2017-09-06 09:39:16 ----A---- C:\WINDOWS\SYSWOW64\xvidcore.dll
2017-09-06 09:39:16 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2017-09-06 09:39:16 ----A---- C:\WINDOWS\system32\xvidcore.dll
2017-08-30 09:00:14 ----RD---- C:\Sandbox
2017-08-30 08:58:36 ----A---- C:\WINDOWS\Sandboxie.ini
2017-08-30 08:58:01 ----D---- C:\Program Files\Sandboxie
2017-08-14 08:34:57 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-08-14 08:34:56 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-08-14 08:34:55 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-08-14 08:34:54 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-08-14 08:34:54 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msrepl40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msjtes40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\msjetoledb40.dll
2017-08-14 08:34:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2017-08-14 08:34:52 ----A---- C:\WINDOWS\system32\win32k.sys
2017-08-14 08:34:51 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-14 08:34:51 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\msxbde40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\mstext40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\mspbde40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-08-14 08:34:50 ----A---- C:\WINDOWS\system32\authui.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\system32\wlansvc.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\system32\tquery.dll
2017-08-14 08:34:49 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\system32\termsrv.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\system32\mprapi.dll
2017-08-14 08:34:48 ----A---- C:\WINDOWS\system32\dnsapi.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\SYSWOW64\mprapi.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\umrdp.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\SessEnv.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\rastls.dll
2017-08-14 08:34:47 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2017-08-14 08:34:46 ----AC---- C:\WINDOWS\system32\drivers\msiscsi.sys
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\wlansec.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\mswdat10.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\msjter40.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\system32\wer.dll
2017-08-14 08:34:46 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-08-14 08:34:45 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\volmgrx.sys
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2017-08-14 08:34:45 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2017-08-14 08:34:44 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2017-08-14 08:34:44 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\wlanapi.dll
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\winresume.exe
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-08-14 08:34:44 ----A---- C:\WINDOWS\system32\jscript.dll
2017-08-14 08:34:43 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-08-14 08:34:43 ----A---- C:\WINDOWS\system32\winload.exe
2017-08-14 08:34:43 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2017-08-14 08:34:41 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2017-08-14 08:34:41 ----A---- C:\WINDOWS\system32\wfdprov.dll
2017-08-14 08:34:41 ----A---- C:\WINDOWS\system32\ProximityService.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\wlansec.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\wininet.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-08-14 08:34:40 ----A---- C:\WINDOWS\system32\certcli.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-08-14 08:34:39 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll
2017-08-14 08:34:38 ----A---- C:\WINDOWS\system32\ieapfltr.dll
====== List of files/folders modified in the last 1 month ======
2017-09-11 22:35:20 ----D---- C:\Program Files\trend micro
2017-09-11 22:35:03 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-09-11 22:34:01 ----D---- C:\WINDOWS\Prefetch
2017-09-11 22:32:51 ----D---- C:\WINDOWS\Temp
2017-09-11 21:33:30 ----D---- C:\WINDOWS\Microsoft.NET
2017-09-11 21:33:10 ----SHD---- C:\System Volume Information
2017-09-11 21:02:04 ----D---- C:\WINDOWS\system32\sru
2017-09-11 20:58:01 ----D---- C:\Windows
2017-09-11 07:00:06 ----D---- C:\WINDOWS\SoftwareDistribution
2017-09-10 17:27:34 ----D---- C:\Users\Bea\AppData\Roaming\Mozilla
2017-09-10 14:22:09 ----D---- C:\Users\Bea\AppData\Roaming\Thunderbird
2017-09-10 07:28:16 ----D---- C:\Program Files\Mozilla Firefox
2017-09-10 07:28:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-10 06:58:15 ----D---- C:\WINDOWS\Inf
2017-09-10 06:58:13 ----D---- C:\WINDOWS\debug
2017-09-06 15:39:13 ----D---- C:\Users\Bea\AppData\Roaming\Macromedia
2017-09-06 09:39:20 ----RD---- C:\WINDOWS\System32
2017-09-06 09:39:17 ----D---- C:\WINDOWS\SysWOW64
2017-09-06 09:39:16 ----RD---- C:\Program Files (x86)
2017-09-04 19:39:43 ----SHD---- C:\WINDOWS\Installer
2017-09-03 07:09:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-31 05:12:31 ----D---- C:\WINDOWS\system32\config
2017-08-30 08:58:01 ----RD---- C:\Program Files
2017-08-27 18:44:08 ----D---- C:\ProgramData\StockSubmitterCore
2017-08-23 19:36:34 ----D---- C:\WINDOWS\WinSxS
2017-08-23 19:30:38 ----D---- C:\WINDOWS\system32\catroot2
2017-08-23 19:22:39 ----D---- C:\WINDOWS\system32\DriverStore
2017-08-16 09:48:36 ----D---- C:\A_komercni mimo FTB
2017-08-15 08:37:21 ----D---- C:\WINDOWS\rescache
2017-08-14 22:54:39 ----D---- C:\WINDOWS\system32\drivers
2017-08-14 22:54:39 ----D---- C:\WINDOWS\system32\Boot
2017-08-14 08:55:03 ----D---- C:\WINDOWS\CbsTemp
2017-08-14 08:53:49 ----D---- C:\WINDOWS\system32\MRT
2017-08-14 08:52:26 ----AC---- C:\WINDOWS\system32\MRT.exe
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2012-10-20 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-02-23 31560]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-11-21 157016]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2017-06-01 71680]
R3 ACPIVPC;@oem11.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2012-10-20 33560]
R3 bcbtums;@oem9.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2012-08-26 164152]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 – ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 CnxtHdAudService;@oem33.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2013-07-10 1299648]
R3 ETD;@oem3.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-08-07 311632]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-08-27 3797424]
R3 IntcDAud;@oem30.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem19.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-02-23 13045960]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2017-06-05 207496]
R3 vm332avs;@oem10.inf,%USBCamera.DeviceDesc2%;Lenovo Camera2; C:\WINDOWS\System32\Drivers\vm332avs.sys [2012-08-25 981112]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2017-06-01 38912]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2014-11-21 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2017-06-01 1201664]
S3 dot4;@oem15.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem18.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2015-03-23 21928]
S3 dot4usb;@oem15.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2016-08-02 216704]
S3 intaud_WaveExtensible;@oem31.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 mfeaack;McAfee Inc. mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [2016-08-02 419624]
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2016-08-01 100136]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2017-06-01 167424]
S3 RSUSBVSTOR;@oem23.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-15 315536]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2017-06-01 78848]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-07-13 814688]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-05-18 2246256]
R2 BcmBtRSupport;@oem9.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service; C:\WINDOWS\system32\BtwRSupportService.exe [2012-08-26 2252600]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2012-08-27 953720]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-08-27 330136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-02-04 934216]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-07-31 1258856]
R2 PEFService;Intel Security PEF Service; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2016-05-25 1045336]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2017-06-05 198792]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 WebUpdate4;Web Update Wizard Service V4; C:\WINDOWS\SysWOW64\WebUpdateSvc4.exe [2013-11-25 412776]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll" = %SystemRoot%\System32\BthHFSrv.dll
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-08-27 291744]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2017-02-14 273216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-09-03 194000]
-----------------EOF-----------------
Re: Sekajicí se PC
PC nahodil modrou smrt, že kernel data inpage error
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Sekajicí se PC
Pokud lze systém spustit (stačí v nouz. režimu), otevřte adresář c:\windows\minidump, jeho obsah zabalte do raru a přiložte k vašmu příštímu postu.Chimaobim píše:PC nahodil modrou smrt, že kernel data inpage error
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Sekajicí se PC
PC shodil ovladač gr. karty. Zkuste ho přeinstalovat. Je ovšem možné, že je samotná karta vadná.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Sekajicí se PC
Přeinstalace bez efektu. Solution center hazi alert, že je něco s hdd... Target read test a Smart short self test
Pri stahování souboru hrubým odhadem každých 100MB jakoby zamrzne stahování, a pak jede dál.
Podobně pri uploadu. FTP to vyhodnotí, že moc dlouho čeká a utne nahrávání...
Pri stahování souboru hrubým odhadem každých 100MB jakoby zamrzne stahování, a pak jede dál.
Podobně pri uploadu. FTP to vyhodnotí, že moc dlouho čeká a utne nahrávání...
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Sekajicí se PC
OK. Na disk se můžeme také podívat. Systém vám ale opravdu shodil graf. ovladač. Stáhněte, nainstalujte a spusťte CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ a přes Úpravy>kopírovat sem dejte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Sekajicí se PC
----------------------------------------------------------------------------
CrystalDiskInfo 7.1.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2017/09/13 20:54:56
-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- ST1000LM024 HN-M101MBB
- MATSHITA DVD-RAM UJ8D1
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) ST1000LM024 HN-M101MBB : 1000,2 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST1000LM024 HN-M101MBB
----------------------------------------------------------------------------
Model : ST1000LM024 HN-M101MBB
Firmware : 2AR10001
Serial Number : S2U5J9GC921197
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300 | SATA/300
Power On Hours : 18133 hod.
Power On Count : 1693 krát
Temperature : 36 C (96 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : C: D:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000003A6C Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _89 _89 _25 000000000D86 Čas na roztočení ploten
04 _99 _99 __0 000000000786 Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 0000000046D5 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000102 Počet pokusů o překalibrování
0C _99 _99 __0 00000000069D Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000359 Počet udalostí zaznamenaných otřesovým senzorem
C0 252 252 __0 000000000000 Počet vypnutí disku
C2 _64 _33 __0 004400100024 Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000005 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000ABA Počet chyb při zápisu sektorů
DF 100 100 __0 000000000102 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 _41 _41 __0 000000092D05 Počet cyklů načítání/vymazání
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 5332 5535 4A39 4743 3932 3131 3937 2020 2020 2020
020: 0000 4000 0004 3241 5231 3030 3031 5354 3130 3030
030: 4C4D 3032 3420 484E 2D4D 3130 314D 4242 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0006 3FFF 0010 003F FC10 00FB 0000
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0F06 0004 004C 0048
080: 01FF 0028 746B 7D09 6123 7469 BC09 6123 203F 006F
090: 006F 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 4CF2
110: 087F CA94 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 C6A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 6C 3A 00 00 00 00 00 02 26
010: 00 FC FC 00 00 00 00 00 00 00 03 23 00 59 59 86
020: 0D 00 00 00 00 00 04 32 00 63 63 86 07 00 00 00
030: 00 00 05 33 00 FC FC 00 00 00 00 00 00 00 07 2E
040: 00 FC FC 00 00 00 00 00 00 00 08 24 00 FC FC 00
050: 00 00 00 00 00 00 09 32 00 64 64 D5 46 00 00 00
060: 00 00 0A 32 00 FC FC 00 00 00 00 00 00 00 0B 32
070: 00 64 64 02 01 00 00 00 00 00 0C 32 00 63 63 9D
080: 06 00 00 00 00 00 BF 22 00 64 64 59 03 00 00 00
090: 00 00 C0 22 00 FC FC 00 00 00 00 00 00 00 C2 02
0A0: 00 40 21 24 00 10 00 44 00 00 C3 3A 00 64 64 00
0B0: 00 00 00 00 00 00 C4 32 00 FC FC 00 00 00 00 00
0C0: 00 00 C5 32 00 64 64 05 00 00 00 00 00 00 C6 30
0D0: 00 FC FC 00 00 00 00 00 00 00 C7 36 00 C8 C8 00
0E0: 00 00 00 00 00 00 C8 2A 00 64 64 BA 0A 00 00 00
0F0: 00 00 DF 32 00 64 64 02 01 00 00 00 00 00 E1 32
100: 00 29 29 05 2D 09 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 60 36 00 5B
170: 03 00 01 00 02 E8 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 75
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 02 00
010: 00 00 00 00 00 00 00 00 00 00 03 19 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 33
040: 00 00 00 00 00 00 00 00 00 00 08 0F 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 33 00 00 00 00 00 00 00 00 00 00 0B 00
070: 00 00 00 00 00 00 00 00 00 00 0C 00 00 00 00 00
080: 00 00 00 00 00 00 BF 00 00 00 00 00 00 00 00 00
090: 00 00 C0 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
0B0: 00 00 00 00 00 00 C4 00 00 00 00 00 00 00 00 00
0C0: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C6 00
0D0: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
0E0: 00 00 00 00 00 00 C8 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E1 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3B
CrystalDiskInfo 7.1.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2017/09/13 20:54:56
-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- ST1000LM024 HN-M101MBB
- MATSHITA DVD-RAM UJ8D1
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) ST1000LM024 HN-M101MBB : 1000,2 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST1000LM024 HN-M101MBB
----------------------------------------------------------------------------
Model : ST1000LM024 HN-M101MBB
Firmware : 2AR10001
Serial Number : S2U5J9GC921197
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300 | SATA/300
Power On Hours : 18133 hod.
Power On Count : 1693 krát
Temperature : 36 C (96 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : C: D:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000003A6C Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _89 _89 _25 000000000D86 Čas na roztočení ploten
04 _99 _99 __0 000000000786 Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 0000000046D5 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000102 Počet pokusů o překalibrování
0C _99 _99 __0 00000000069D Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000359 Počet udalostí zaznamenaných otřesovým senzorem
C0 252 252 __0 000000000000 Počet vypnutí disku
C2 _64 _33 __0 004400100024 Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000005 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000ABA Počet chyb při zápisu sektorů
DF 100 100 __0 000000000102 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 _41 _41 __0 000000092D05 Počet cyklů načítání/vymazání
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 5332 5535 4A39 4743 3932 3131 3937 2020 2020 2020
020: 0000 4000 0004 3241 5231 3030 3031 5354 3130 3030
030: 4C4D 3032 3420 484E 2D4D 3130 314D 4242 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0006 3FFF 0010 003F FC10 00FB 0000
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0F06 0004 004C 0048
080: 01FF 0028 746B 7D09 6123 7469 BC09 6123 203F 006F
090: 006F 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 4CF2
110: 087F CA94 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 C6A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 6C 3A 00 00 00 00 00 02 26
010: 00 FC FC 00 00 00 00 00 00 00 03 23 00 59 59 86
020: 0D 00 00 00 00 00 04 32 00 63 63 86 07 00 00 00
030: 00 00 05 33 00 FC FC 00 00 00 00 00 00 00 07 2E
040: 00 FC FC 00 00 00 00 00 00 00 08 24 00 FC FC 00
050: 00 00 00 00 00 00 09 32 00 64 64 D5 46 00 00 00
060: 00 00 0A 32 00 FC FC 00 00 00 00 00 00 00 0B 32
070: 00 64 64 02 01 00 00 00 00 00 0C 32 00 63 63 9D
080: 06 00 00 00 00 00 BF 22 00 64 64 59 03 00 00 00
090: 00 00 C0 22 00 FC FC 00 00 00 00 00 00 00 C2 02
0A0: 00 40 21 24 00 10 00 44 00 00 C3 3A 00 64 64 00
0B0: 00 00 00 00 00 00 C4 32 00 FC FC 00 00 00 00 00
0C0: 00 00 C5 32 00 64 64 05 00 00 00 00 00 00 C6 30
0D0: 00 FC FC 00 00 00 00 00 00 00 C7 36 00 C8 C8 00
0E0: 00 00 00 00 00 00 C8 2A 00 64 64 BA 0A 00 00 00
0F0: 00 00 DF 32 00 64 64 02 01 00 00 00 00 00 E1 32
100: 00 29 29 05 2D 09 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 60 36 00 5B
170: 03 00 01 00 02 E8 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 75
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 02 00
010: 00 00 00 00 00 00 00 00 00 00 03 19 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 33
040: 00 00 00 00 00 00 00 00 00 00 08 0F 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 33 00 00 00 00 00 00 00 00 00 00 0B 00
070: 00 00 00 00 00 00 00 00 00 00 0C 00 00 00 00 00
080: 00 00 00 00 00 00 BF 00 00 00 00 00 00 00 00 00
090: 00 00 C0 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
0B0: 00 00 00 00 00 00 C4 00 00 00 00 00 00 00 00 00
0C0: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C6 00
0D0: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
0E0: 00 00 00 00 00 00 C8 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E1 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3B
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Sekajicí se PC
Jsou tam chyby při zápisu a podezřelé sektory. Bude třeba ještě provést ErrorScan HDTune: http://www.stahuj.centrum.cz/utility_a_ ... -tune-pro/ . Pokud je disk OK, budou všechna políčka zelená. V případě červených políček je disk na odpis.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Sekajicí se PC
Zatím nedoběhl do konce, ale už 2 červená políčka
Re: Sekajicí se PC
Tak do rána to zase spadlo, minidump v příloze. Takže nevím kolik bylo červených, ale to je asi jedno i tři jsou špatně?