Prosím o kontrolu logu Vyřešeno

[ADA64]

1) Vypnut antivir a firewall a spuštěn Combofix dle návodu scriptem a zde je log:

ComboFix 16-06-01.01 - JAG 16.06.2016 11:27:41.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.11984.8844 [GMT 2:00]
Spuštěný z: c:\users\JAG\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\JAG\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Disabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ESET
c:\program files (x86)\ESET\ESET Online Scanner\esets_apiA.dll
c:\program files (x86)\ESET\ESET Online Scanner\esets_apiW.dll
c:\program files (x86)\ESET\ESET Online Scanner\esets_apiW_a.dll
c:\program files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
c:\program files (x86)\ESET\ESET Online Scanner\log.txt
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\backup\db.xml
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\continuous\nod2CCA.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\continuous\nod2F75.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\continuous\nod31A2.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com\update.ver
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\lastupd.ver
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\oldfiles\em002_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\oldfiles\em006_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\oldfiles\em023_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em002_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em006_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em023_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\upd.ver
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em000_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em001_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em002_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em003_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em004_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em005_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em006_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em023_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\esets_api.stg
c:\program files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
c:\program files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.cab
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.inf
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.ocx
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner64.ocx
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerLang.dll
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
c:\program files (x86)\ESET\ESET Online Scanner\unicows.dll
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.30.3\goopdate.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.30.3\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.30.3\psmachine.dll
c:\program files (x86)\Google\Update\1.3.30.3\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.30.3\psuser.dll
c:\program files (x86)\Google\Update\1.3.30.3\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\1.30.2170.0459\gsync.msi
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.30.3\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\51.0.2704.84\51.0.2704.84_50.0.2661.102_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\users\JAG\AppData\Local\Temp\_MEI41522\_ctypes.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\_elementtree.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\_hashlib.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\_multiprocessing.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\_psutil_windows.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\_socket.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\_ssl.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\_yappi.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\common.time34.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\hashobjs_ext.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\pyexpat.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\pysqlite2._sqlite.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\python27.dll
c:\users\JAG\AppData\Local\Temp\_MEI41522\pythoncom27.dll
c:\users\JAG\AppData\Local\Temp\_MEI41522\PyWinTypes27.dll
c:\users\JAG\AppData\Local\Temp\_MEI41522\select.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\thumbnails_ext.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\unicodedata.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\usb_ext.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\win32api.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\win32com.shell.shell.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\win32crypt.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\win32event.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\win32file.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\win32gui.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\win32inet.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\win32pdh.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\win32pipe.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\win32process.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\win32profile.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\win32security.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\win32ts.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\windows._lib_cacheinvalidation.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\wx._animate.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\wx._controls_.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\wx._core_.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\wx._gdi_.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\wx._html2.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\wx._misc_.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\wx._windows_.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\wx._wizard.pyd
c:\users\JAG\AppData\Local\Temp\_MEI41522\wxbase30u_net_vc90.dll
c:\users\JAG\AppData\Local\Temp\_MEI41522\wxbase30u_vc90.dll
c:\users\JAG\AppData\Local\Temp\_MEI41522\wxmsw30u_adv_vc90.dll
c:\users\JAG\AppData\Local\Temp\_MEI41522\wxmsw30u_core_vc90.dll
c:\users\JAG\AppData\Local\Temp\_MEI41522\wxmsw30u_html_vc90.dll
c:\users\JAG\AppData\Local\Temp\_MEI41522\wxmsw30u_webview_vc90.dll
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-05-16 do 2016-06-16 )))))))))))))))))))))))))))))))
.
.
2016-06-16 09:30 . 2016-06-16 09:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-06-15 14:24 . 2016-05-26 20:28 11895896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5C5F2D37-ACD1-4B93-A732-29095FA55C89}\mpengine.dll
2016-06-15 14:24 . 2016-05-26 20:28 11895896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-06-14 09:22 . 2016-06-14 09:22 -------- d-----w- c:\users\JAG\AppData\Local\GHISLER
2016-06-14 09:17 . 2016-06-14 09:04 24064 ----a-w- c:\windows\zoek-delete.exe
2016-06-14 09:17 . 2016-06-16 09:30 -------- d-----w- c:\users\JAG\AppData\Local\Temp
2016-06-14 09:04 . 2016-06-14 09:15 -------- d-----w- C:\zoek_backup
2016-06-13 09:08 . 2016-06-14 08:17 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-06-13 09:07 . 2016-06-13 09:35 -------- d-----w- c:\programdata\RogueKiller
2016-06-13 08:45 . 2016-06-03 13:05 1413120 ----a-w- c:\windows\system32\appraiser.dll
2016-06-13 08:45 . 2016-06-06 16:58 41704 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-06-13 08:45 . 2016-06-06 16:50 1204224 ----a-w- c:\windows\system32\aeinv.dll
2016-06-13 08:45 . 2016-05-27 13:06 569856 ----a-w- c:\windows\system32\generaltel.dll
2016-06-13 08:45 . 2016-05-27 13:06 544256 ----a-w- c:\windows\system32\devinv.dll
2016-06-13 08:45 . 2016-05-27 13:06 276480 ----a-w- c:\windows\system32\invagent.dll
2016-06-13 08:45 . 2016-05-27 13:06 265216 ----a-w- c:\windows\system32\centel.dll
2016-06-13 08:45 . 2016-05-22 13:06 76800 ----a-w- c:\windows\system32\acmigration.dll
2016-06-07 13:46 . 2016-06-13 08:41 -------- d-----w- C:\AdwCleaner
2016-06-06 14:42 . 2016-06-14 13:56 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-06-06 14:42 . 2016-06-06 14:42 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-06-06 14:42 . 2016-06-06 14:42 -------- d-----w- c:\programdata\Malwarebytes
2016-06-06 14:42 . 2016-03-10 12:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-06-06 14:42 . 2016-03-10 12:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-06-06 14:42 . 2016-03-10 12:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-06-06 11:27 . 2016-06-06 11:27 -------- d-----w- c:\programdata\GridinSoft
2016-06-02 17:18 . 2016-06-06 10:23 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2016-06-02 11:48 . 2016-06-02 11:48 1423512 ----a-w- c:\windows\system32\iglhsip64.dll
2016-06-02 11:48 . 2016-06-02 11:48 1420384 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2016-06-02 11:48 . 2016-06-02 11:48 231320 ----a-w- c:\windows\system32\iglhcp64.dll
2016-06-02 11:48 . 2016-06-02 11:48 194872 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2016-06-02 11:48 . 2016-06-02 11:48 219296 ----a-w- c:\windows\system32\igfxcmrt64.dll
2016-06-02 11:48 . 2016-06-02 11:48 185992 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2016-06-02 11:48 . 2016-06-02 11:48 25148104 ----a-w- c:\windows\system32\igdumdim64.dll
2016-06-02 11:47 . 2016-06-02 11:47 1502024 ----a-w- c:\windows\system32\igdmd64.dll
2016-06-02 11:47 . 2016-06-02 11:47 1154400 ----a-w- c:\windows\SysWow64\igdmd32.dll
2016-06-02 11:47 . 2016-06-02 11:47 18046528 ----a-w- c:\windows\system32\igd11dxva64.dll
2016-06-02 11:46 . 2016-06-02 11:46 17566536 ----a-w- c:\windows\SysWow64\igd11dxva32.dll
2016-06-02 11:46 . 2016-06-02 11:46 8818088 ----a-w- c:\windows\SysWow64\igd10iumd32.dll
2016-06-02 11:45 . 2016-06-02 11:45 294048 ----a-w- c:\windows\system32\igd10idpp64.dll
2016-06-02 11:45 . 2016-06-02 11:45 273776 ----a-w- c:\windows\SysWow64\igd10idpp32.dll
2016-06-02 11:40 . 2016-06-02 11:40 617976 ----a-w- c:\windows\system32\MetroIntelGenericUIFramework.dll
2016-06-02 11:38 . 2016-06-02 11:38 323560 ----a-w- c:\windows\system32\igfxEM.exe
2016-06-02 11:37 . 2016-06-02 11:37 10863608 ----a-w- c:\windows\SysWow64\igdfcl32.dll
2016-06-02 11:37 . 2016-06-02 11:37 200696 ----a-w- c:\windows\system32\igdde64.dll
2016-06-02 11:37 . 2016-06-02 11:37 161784 ----a-w- c:\windows\SysWow64\igdde32.dll
2016-06-02 11:37 . 2016-06-02 11:37 434176 ----a-w- c:\windows\system32\igdbcl64.dll
2016-06-02 11:37 . 2016-06-02 11:37 384504 ----a-w- c:\windows\SysWow64\igdbcl32.dll
2016-06-02 11:37 . 2016-06-02 11:37 182776 ----a-w- c:\windows\system32\igdail64.dll
2016-06-02 11:37 . 2016-06-02 11:37 163840 ----a-w- c:\windows\SysWow64\igdail32.dll
2016-06-02 11:37 . 2016-06-02 11:37 7506432 ----a-w- c:\windows\SysWow64\ig8icd32.dll
2016-06-02 11:36 . 2016-06-02 11:36 1050088 ----a-w- c:\windows\system32\Gfxv4_0.exe
2016-06-02 11:36 . 2016-06-02 11:36 1046504 ----a-w- c:\windows\system32\Gfxv2_0.exe
2016-06-02 11:36 . 2016-06-02 11:36 458216 ----a-w- c:\windows\system32\GfxUIEx.exe
2016-06-02 11:36 . 2016-06-02 11:36 348648 ----a-w- c:\windows\system32\DPTopologyAppv2_0.exe
2016-06-02 11:36 . 2016-06-02 11:36 1139704 ----a-w- c:\windows\system32\GfxResources.dll
2016-06-02 11:35 . 2016-06-02 11:35 349160 ----a-w- c:\windows\system32\DPTopologyApp.exe
2016-06-02 11:35 . 2016-06-02 11:35 166376 ----a-w- c:\windows\system32\difx64.exe
2016-06-02 11:32 . 2016-06-02 11:32 9516024 ----a-w- c:\windows\system32\ig8icd64.dll
2016-06-02 11:32 . 2016-06-02 11:32 102904 ----a-w- c:\windows\system32\IccLibDll_x64.dll
2016-06-02 11:11 . 2016-06-02 11:11 6725162 ----a-w- c:\windows\system32\igdclbif.bin
2016-05-30 11:38 . 2016-05-30 11:38 -------- d-----w- c:\users\JAG\AppData\Roaming\IrfanView
2016-05-30 11:38 . 2016-05-30 11:38 -------- d-----w- c:\program files\IrfanView
2016-05-24 13:00 . 2016-05-24 13:00 -------- d-----w- c:\users\JAG\AppData\Roaming\ACD Systems
2016-05-24 13:00 . 2016-05-26 12:00 -------- d-----w- c:\users\JAG\AppData\Local\ACD Systems
2016-05-24 13:00 . 2005-07-22 17:59 3807440 ----a-w- c:\windows\system32\d3dx9_27.dll
2016-05-24 12:59 . 2016-05-24 12:59 -------- d-----w- c:\programdata\ACD Systems
2016-05-24 12:59 . 2016-05-24 12:59 -------- d-----w- c:\users\JAG\AppData\Local\Downloaded Installations
2016-05-22 09:49 . 2016-05-11 11:32 1167568 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{75EC2DD9-A936-47C9-A5DC-80F705D47168}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-06-15 14:00 . 2015-12-10 21:53 142482544 ----a-w- c:\windows\system32\MRT.exe
2016-06-02 11:48 . 2015-08-29 12:50 45952 ----a-w- c:\windows\system32\igfxexps.dll
2016-06-02 11:48 . 2015-08-29 12:50 6258544 ----a-w- c:\windows\system32\igdusc64.dll
2016-06-02 11:48 . 2015-09-24 11:48 4932264 ----a-w- c:\windows\SysWow64\igdusc32.dll
2016-06-02 11:47 . 2015-09-24 11:47 24344400 ----a-w- c:\windows\SysWow64\igdumdim32.dll
2016-06-02 11:46 . 2015-08-29 12:50 9624800 ----a-w- c:\windows\system32\igd10iumd64.dll
2016-06-02 11:39 . 2015-08-29 12:50 95232 ----a-w- c:\windows\SysWow64\OpenCL.DLL
2016-06-02 11:39 . 2015-08-29 12:50 91136 ----a-w- c:\windows\system32\OpenCL.DLL
2016-06-02 11:38 . 2015-08-29 12:50 354280 ----a-w- c:\windows\system32\igfxCUIService.exe
2016-05-12 17:14 . 2016-06-15 13:58 344064 ----a-w- c:\windows\system32\schannel.dll
2016-05-12 17:14 . 2016-06-15 13:58 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-05-12 15:18 . 2016-06-15 13:58 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-05-12 15:18 . 2016-06-15 13:58 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-05-11 11:32 . 2016-04-26 14:10 1167568 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2016-04-22 08:24 . 2016-04-22 08:24 88064 ----a-w- c:\windows\system32\ibmpmctl.exe
2016-04-22 08:24 . 2016-04-22 08:24 82240 ----a-w- c:\windows\system32\drivers\ibmpmdrv.sys
2016-04-22 08:24 . 2016-04-22 08:24 710144 ----a-w- c:\windows\system32\LPlatSvc.exe
2016-04-22 08:24 . 2016-04-22 08:24 57856 ----a-w- c:\windows\system32\tpinspm.dll
2016-04-22 08:24 . 2016-04-22 08:24 180736 ----a-w- c:\windows\system32\ibmpmsvc.exe
2016-04-22 07:57 . 2010-11-21 03:27 453288 ------w- c:\windows\system32\MpSigStub.exe
2016-04-20 10:03 . 2016-03-17 17:44 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-04-14 13:49 . 2016-05-16 08:06 603648 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2016-04-14 13:21 . 2016-05-16 08:06 647680 ----a-w- c:\windows\system32\d3d10level9.dll
2016-04-14 04:08 . 2015-08-29 13:00 29512 ----a-w- c:\windows\system32\drivers\DZHDD64.SYS
2016-04-14 04:08 . 2015-08-29 13:00 29008 ----a-w- c:\windows\system32\drivers\TPPWR64V.SYS
2016-04-14 04:08 . 2015-08-29 13:00 2872488 ----a-w- c:\windows\system32\PWMCP64V.cpl
2016-04-14 04:08 . 2015-08-29 13:00 2692776 ------w- c:\windows\PWMBTHLV.EXE
2016-04-09 07:02 . 2016-05-16 08:06 631176 ----a-w- c:\windows\system32\winresume.efi
2016-04-09 07:01 . 2016-05-16 08:06 706280 ----a-w- c:\windows\system32\winload.efi
2016-04-09 07:01 . 2016-05-16 08:06 5546216 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-04-09 07:01 . 2016-05-16 08:06 986344 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2016-04-09 07:01 . 2016-05-16 08:06 264936 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2016-04-09 06:59 . 2016-05-16 08:06 3998952 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2016-04-09 06:59 . 2016-05-16 08:06 3943144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2016-04-09 06:59 . 2016-05-16 08:06 1732864 ----a-w- c:\windows\system32\ntdll.dll
2016-04-09 06:58 . 2016-05-16 08:06 362496 ----a-w- c:\windows\system32\wow64win.dll
2016-04-09 06:58 . 2016-05-16 08:06 243712 ----a-w- c:\windows\system32\wow64.dll
2016-04-09 06:58 . 2016-05-16 08:06 215552 ----a-w- c:\windows\system32\winsrv.dll
2016-04-09 06:58 . 2016-05-16 08:06 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2016-04-09 06:58 . 2016-05-16 08:06 503808 ----a-w- c:\windows\system32\srcore.dll
2016-04-09 06:58 . 2016-05-16 08:06 50176 ----a-w- c:\windows\system32\srclient.dll
2016-04-09 06:58 . 2016-05-16 08:06 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2016-04-09 06:57 . 2016-05-16 08:06 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2016-04-09 06:57 . 2016-05-16 08:06 1163264 ----a-w- c:\windows\system32\kernel32.dll
2016-04-09 06:57 . 2016-05-16 08:06 419840 ----a-w- c:\windows\system32\KernelBase.dll
2016-04-09 06:57 . 2016-05-16 08:06 43520 ----a-w- c:\windows\system32\csrsrv.dll
2016-04-09 06:57 . 2016-05-16 08:06 144384 ----a-w- c:\windows\system32\cdd.dll
2016-04-09 06:57 . 2016-05-16 08:06 880640 ----a-w- c:\windows\system32\advapi32.dll
2016-04-09 06:57 . 2016-05-16 08:06 59904 ----a-w- c:\windows\system32\appidapi.dll
2016-04-09 06:57 . 2016-05-16 08:06 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 34816 ----a-w- c:\windows\system32\appidsvc.dll
2016-04-09 06:57 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 6656 ----a-w- c:\windows\system32\apisetschema.dll
2016-04-09 06:57 . 2016-05-16 08:06 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-09 06:57 . 2016-05-16 08:06 1314112 ----a-w- c:\windows\SysWow64\ntdll.dll
2016-04-09 06:54 . 2016-05-16 08:06 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2016-04-09 06:54 . 2016-05-16 08:06 275456 ----a-w- c:\windows\SysWow64\KernelBase.dll
2016-04-09 06:54 . 2016-05-16 08:06 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2016-04-09 06:54 . 2016-05-16 08:06 644096 ----a-w- c:\windows\SysWow64\advapi32.dll
2016-04-09 06:54 . 2016-05-16 08:06 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2016-04-09 06:54 . 2016-05-16 08:06 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-09 06:54 . 2016-05-16 08:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-04-09 06:54 . 2016-05-16 08:06 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-09 06:54 . 2016-05-16 08:06 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2016-04-09 06:54 . 2016-05-16 08:06 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2016-04-09 06:54 . 2016-05-16 08:06 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-09 06:54 . 2016-05-16 08:06 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-09 06:54 . 2016-05-16 08:06 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-09 06:54 . 2016-05-16 08:06 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2016-04-09 06:54 . 2016-05-16 08:06 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-09 06:54 . 2016-05-16 08:06 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-09 06:54 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-09 06:54 . 2016-05-16 08:06 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2016-04-09 06:54 . 2016-05-16 08:06 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2016-04-09 06:54 . 2016-05-16 08:06 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-05-17 53123712]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2016-05-17 23496872]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-04-15 8698584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2014-10-10 136992]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-12-02 296208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
2;2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
R1 ndisrd;Intel(R) Technology Access Filter Driver;c:\windows\system32\DRIVERS\ndisrfl.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrfl.sys [x]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
R2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 iBtSiva;Intel Bluetooth Service;c:\program files (x86)\Intel\Bluetooth\ibtsiva.exe;c:\program files (x86)\Intel\Bluetooth\ibtsiva.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 lnvDiscoveryWinSvc;lnvDiscoveryWinSvc;c:\program files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe;c:\program files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [x]
R2 LPlatSvc;Lenovo Platform Service;c:\windows\system32\LPlatSvc.exe;c:\windows\SYSNATIVE\LPlatSvc.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 QuickControlMasterSvc;Lenovo QuickControl Master Service;c:\program files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe;c:\program files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [x]
R3 FlashUSB;FlashUSB;c:\windows\system32\DRIVERS\FlashUSB.sys;c:\windows\SYSNATIVE\DRIVERS\FlashUSB.sys [x]
R3 HPEWSFXBULK;HPEWSFXBULK;c:\windows\system32\drivers\hpfx64bulk.sys;c:\windows\SYSNATIVE\drivers\hpfx64bulk.sys [x]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
R3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot;c:\program files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe;c:\program files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [x]
R3 LenovoProdRegManager;PowerENGAGE Maintenance Service;c:\program files (x86)\Lenovo Registration\EngageService.exe;c:\program files (x86)\Lenovo Registration\EngageService.exe [x]
R3 LSC.Services.SystemService;Lenovo Solution Center System Service;c:\program files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 phidmice;USB Mouse Low Filter WU Driver;c:\windows\system32\DRIVERS\phidmice.sys;c:\windows\SYSNATIVE\DRIVERS\phidmice.sys [x]
R3 pmouself;Mouse Suite WU Driver;c:\windows\system32\DRIVERS\pmouself.sys;c:\windows\SYSNATIVE\DRIVERS\pmouself.sys [x]
R3 Power Manager DBC Service;Power Manager Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
R3 pvendrlf;Mouse Suite I/O WU Driver;c:\windows\system32\DRIVERS\pvendrlf.sys;c:\windows\SYSNATIVE\DRIVERS\pvendrlf.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ShareItSvc;ShareItSvc;c:\program files (x86)\Lenovo\SHAREit\Shareit.Service.exe;c:\program files (x86)\Lenovo\SHAREit\Shareit.Service.exe [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 usbrndis6;Adaptér USB RNDIS6;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys;c:\windows\SYSNATIVE\DRIVERS\DzHDD64.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S1 OMNISMI;OMNISMI;c:\windows\SysWOW64\drivers\omnismi.sys;c:\windows\SysWOW64\drivers\omnismi.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [x]
S2 FirmwareUpdaterService;Firmware Updater Service;c:\program files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\firmwareupdaterservice.exe;c:\program files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\firmwareupdaterservice.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 IntelModemAuthenticator;IntelModemAuthenticator;c:\program files (x86)\Intel Mobile Communications\ModemAuthenticator\IntelModemAuthenticator.exe;c:\program files (x86)\Intel Mobile Communications\ModemAuthenticator\IntelModemAuthenticator.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 LENOVO.TVTVCAM;Lenovo Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 PelService;Session Launcher Service;c:\program files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe;c:\program files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 SwiService;Sierra Wireless Service;c:\program files (x86)\Sierra Wireless Inc\Utils\SwiService.exe;c:\program files (x86)\Sierra Wireless Inc\Utils\SwiService.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
S2 valWBFPolicyService;Synaptics FP WBF Policy Service;c:\windows\system32\valWBFPolicyService.exe;c:\windows\SYSNATIVE\valWBFPolicyService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBIMSS;MBIM Selective Suspend 01;c:\windows\system32\Drivers\swinbus01.sys;c:\windows\SYSNATIVE\Drivers\swinbus01.sys [x]
S3 MBIMSSfilter;MBIM Selective Suspend Filter 01;c:\windows\system32\Drivers\swinbus01f.sys;c:\windows\SYSNATIVE\Drivers\swinbus01f.sys [x]
S3 QuickControlService;Lenovo QuickControl Service;c:\program files (x86)\Lenovo\QuickControl\QuickControlService.exe;c:\program files (x86)\Lenovo\QuickControl\QuickControlService.exe [x]
S3 RTSPER;Realtek PCIE Card Reader - PER;c:\windows\system32\DRIVERS\RtsPer.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPer.sys [x]
S3 rtsuvc;Integrated Camera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 SWMBIM;Sierra Wireless MBIM Service 01;c:\windows\system32\DRIVERS\SWMBIM01.sys;c:\windows\SYSNATIVE\DRIVERS\SWMBIM01.sys [x]
S3 SzCCID;USB SmartCard Reader Driver;c:\windows\system32\DRIVERS\SzCCID.sys;c:\windows\SYSNATIVE\DRIVERS\SzCCID.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-06-10 05:55 1245848 ----a-w- c:\program files (x86)\Google\Chrome\Application\51.0.2704.84\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2016-05-17 11:26 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2016-05-17 11:26 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2016-05-17 11:26 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TpShocks"="TpShocks.exe" [2015-09-24 555688]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2015-09-29 296648]
"AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2016-02-19 63656]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"PasswordManager"="c:\program files\Lenovo\Password Manager\password_manager.exe" [2014-10-21 1792800]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-01-29 1340192]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.254 10.0.0.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
AddRemove-{d5572863-793c-4ec8-872a-43cccc68b948} - c:\programdata\Package Cache\{d5572863-793c-4ec8-872a-43cccc68b948}\Setup.exe
AddRemove-{f5d71765-7cd1-4e68-998f-5b379e725da3} - c:\programdata\Package Cache\{f5d71765-7cd1-4e68-998f-5b379e725da3}\SetupChipset.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe
c:\program files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareApp.exe
c:\progra~1\Lenovo\HOTKEY\TPONSCR.EXE
c:\program files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
c:\program files (x86)\Lenovo\QuickControl\QuickControl.exe
c:\program files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
c:\program files\Lenovo\Lenovo Solution Center\LSCNotify.exe
c:\program files (x86)\Lenovo\message center plus\mcplaunch.exe
.
**************************************************************************
.
Celkový čas: 2016-06-16 11:33:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-06-16 09:33
ComboFix2.txt 2016-06-14 16:04
.
Před spuštěním: Volných bajtů: 150 553 997 312
Po spuštění: Volných bajtů: 150 181 625 856
.
- - End Of File - - 7AC32C67D0393DB77BEE7B49204D54D6
303B1EB094A6B732B37F438A04A34D8F

[Reklama]

[ADA64]

Odpověď rozdělena do dvou příspěvků, kvůli počtu znaků.

2) Spuštěn HJT jako správce a zde je log:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:41:25, on 16.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18347)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareApp.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
C:\Users\JAG\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firmware Updater Service (FirmwareUpdaterService) - Unknown owner - C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\firmwareupdaterservice.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: IntelModemAuthenticator - Intel Mobile Communications - C:\Program Files (x86)\Intel Mobile Communications\ModemAuthenticator\IntelModemAuthenticator.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: PowerENGAGE Maintenance Service (LenovoProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Lenovo Registration\EngageService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lnvDiscoveryWinSvc - Lenovo - C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
O23 - Service: Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\Windows\system32\LPlatSvc.exe (file missing)
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Session Launcher Service (PelService) - Unknown owner - C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
O23 - Service: Power Manager Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ShareItSvc - SHAREit Technologies Co.Ltd - C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: Sierra Wireless Service (SwiService) - Sierra Wireless, Inc. - C:\Program Files (x86)\Sierra Wireless Inc\Utils\SwiService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13374 bytes

3) Spuštěn aswMBR dle návodu a zde je log:

swMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-06-16 11:45:17
-----------------------------
11:45:17.557 OS Version: Windows x64 6.1.7601 Service Pack 1
11:45:17.557 Number of processors: 4 586 0x3D04
11:45:17.557 ComputerName: JAG-PC UserName: JAG
11:45:17.978 Initialize success
11:45:18.009 VM: initialized successfully
11:45:18.009 VM: Intel CPU BiosDisabled
11:46:14.737 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000071
11:46:14.737 Disk 0 Vendor: SAMSUNG_ EMT0 Size: 488386MB BusType: 11
11:46:14.737 Disk 0 MBR read successfully
11:46:14.737 Disk 0 MBR scan
11:46:14.753 Disk 0 unknown MBR code
11:46:14.862 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1500 MB offset 2048
11:46:14.862 Disk 0 Boot: NTFS code=1
11:46:14.862 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 471064 MB offset 3074048
11:46:14.862 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15820 MB offset 967813120
11:46:14.862 Disk 0 scanning C:\Windows\system32\drivers
11:46:16.016 Service scanning
11:46:18.216 Modules scanning
11:46:18.216 Disk 0 trace - called modules:
11:46:18.216 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
11:46:18.232 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800c6c2060]
11:46:18.232 3 CLASSPNP.SYS[fffff88001d7943f] -> nt!IofCallDriver -> [0xfffffa800c5ccc50]
11:46:18.232 5 iaStorF.sys[fffff88001d16f84] -> nt!IofCallDriver -> \Device\00000071[0xfffffa8009ff49c0]
11:46:18.232 Disk 0 statistics 145583/0/0 @ 113,92 MB/s
11:46:18.232 Scan finished successfully
11:46:38.558 Disk 0 MBR has been saved successfully to "C:\Users\JAG\Desktop\MBR.dat"
11:46:38.574 The log file has been saved successfully to "C:\Users\JAG\Desktop\aswMBR.txt"

Stav: Uživatelsky se jeví samootvírání reklamních oken v Chromu jako vyřešené. Už nic samovolně nevyskakuje ani se neotvírá. Zůstal ale ten více jak půlminutový náběh Windowsu než se nabídne uživatelský profil při restartu nebo spuštění, to nastalo až během odstraňování problémů v Chromu.

[Orcus]

OK, ještě to pročistíme a uvidíme:

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[ADA64]

1) dle návodu spuštěn FrSt a zde jsou výsledky :

FrSt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-06-2016 01
Ran by JAG (administrator) on JAG-PC (20-06-2016 16:28:08)
Running from C:\Users\JAG\Desktop
Loaded Profiles: JAG (Available Profiles: JAG)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareUpdaterService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Mobile Communications) C:\Program Files (x86)\Intel Mobile Communications\ModemAuthenticator\IntelModemAuthenticator.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
() C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareApp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sierra Wireless, Inc.) C:\Program Files (x86)\Sierra Wireless Inc\Utils\SwiService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(%CFullName%) C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\LENOVO\tvt_reg_monitor_svc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [555688 2015-09-24] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [296648 2015-09-29] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63656 2016-02-19] (Lenovo)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3857512 2015-11-16] (Synaptics Incorporated)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1792800 2014-10-21] (Lenovo Group Limited)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1172256 2014-10-10] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296208 2014-12-03] (Intel Corporation)
HKU\S-1-5-21-377955874-304036406-2546264200-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-377955874-304036406-2546264200-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23496872 2016-05-17] (Google)
HKU\S-1-5-21-377955874-304036406-2546264200-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{BF756B82-3253-49C7-B0CF-FFDBDEF14241}: [DhcpNameServer] 10.0.0.254 10.0.0.8

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-377955874-304036406-2546264200-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-377955874-304036406-2546264200-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-20] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-377955874-304036406-2546264200-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\JAG\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF HKU\S-1-5-21-377955874-304036406-2546264200-1000\...\Firefox\Extensions: [{FCF36B88-1BBA-487f-B64B-D2E8980A9293}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension
FF Extension: No Name - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension [2016-05-09] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-14]
CHR Extension: (Dokumenty Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-14]
CHR Extension: (Disk Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-14]
CHR Extension: (YouTube) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-14]
CHR Extension: (Tabulky Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-06-14]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2016-06-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-14]
CHR Extension: (Gmail) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-14]
CHR Profile: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-14]
CHR Extension: (Flash Video Downloader) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-06-14]
CHR Extension: (Clicking Speed Test) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ainfcnbaendflhcngeajchpabooflble [2016-06-14]
CHR Extension: (Dokumenty Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-14]
CHR Extension: (Disk Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-14]
CHR Extension: (SPOI Options (Please remove me)) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bdokagampppgbnjfdlkfpphniapiiifn [2016-06-14]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-06-14]
CHR Extension: (YouTube) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-14]
CHR Extension: (History 2) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cahejgbbfgmlmjgdjlibphdjeldhagkp [2016-06-14]
CHR Extension: (FVD Suggestions) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caoielngcdpgeldnckhponffkiajaobo [2016-06-14]
CHR Extension: (Adblock Plus) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-14]
CHR Extension: (Image Downloader) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2016-06-14]
CHR Extension: (Search by Image (by Google)) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2016-06-14]
CHR Extension: (Nokia Drop) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ddgankdgamemlpbbfnbdphddncdcmkhf [2016-06-14]
CHR Extension: (Tampermonkey) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-06-14]
CHR Extension: (Video Downloader professional) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-06-14]
CHR Extension: (Tabulky Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-14]
CHR Extension: (AdBlock) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-14]
CHR Extension: (OneNote Web Clipper) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gojbdfnpnhogfdgjbigejoaolejmgdhk [2016-06-14]
CHR Extension: (CloudConvert) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfpmbfgodkfcebpgheiedaddoikmljkk [2016-06-14]
CHR Extension: (Google Play Music) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-14]
CHR Extension: (Pamatovák) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfiakckbklmccchjegnnojbalafebakb [2016-06-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-06-14]
CHR Extension: (Mapy Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-06-14]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2016-06-14]
CHR Extension: (Simple Bookmarks) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nafmgkhgdblkabfjfegmafagpccaobfg [2016-06-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-14]
CHR Extension: (Synology Web Clipper) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pcfbfimijgibligmbglggnbiobgjgmbk [2016-06-15]
CHR Extension: (Moje IP adresa) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfhoeoiodcebkkigjiooibeccnfmmkoe [2016-06-14]
CHR Extension: (Gmail) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-14]
CHR Extension: (MP3 Downloader) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pldidnmickidalpaoejffbkgkjfhohoe [2016-06-14]
CHR HKU\S-1-5-21-377955874-304036406-2546264200-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9954096 2014-04-01] (DisplayLink Corp.)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2016-04-14] (Lenovo.)
R2 FirmwareUpdaterService; C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\firmwareupdaterservice.exe [113288 2015-11-18] ()
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-06-01] (HP) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [124520 2014-12-24] (Intel Corporation)
S2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [354280 2016-06-02] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 IntelModemAuthenticator; C:\Program Files (x86)\Intel Mobile Communications\ModemAuthenticator\IntelModemAuthenticator.exe [38912 2015-09-11] (Intel Mobile Communications) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-26] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-12-06] (Lenovo)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197320 2015-09-29] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [114632 2015-07-13] (Lenovo Group Limited)
S3 LenovoProdRegManager; C:\Program Files (x86)\Lenovo Registration\EngageService.exe [293416 2015-01-09] (Aviata, Inc.)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-22] (Lenovo)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-04-22] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-02-08] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2015-10-30] (HP Inc.) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 PelService; C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe [184088 2015-07-09] () [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2015-10-30] (HP Inc.) [File not signed]
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-12-05] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [317224 2014-12-05] (Lenovo Group Limited)
S3 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31176 2016-01-20] (SHAREit Technologies Co.Ltd)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-01-13] ()
R2 SwiService; C:\Program Files (x86)\Sierra Wireless Inc\Utils\SwiService.exe [984328 2015-11-18] (Sierra Wireless, Inc.)
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited) [File not signed]
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1517928 2013-03-11] (Lenovo Group Limited)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [88400 2015-12-06] (Synaptics Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-02-08] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-10-28] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1447736 2014-11-25] (Motorola Solutions, Inc.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [519680 2015-12-08] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FlashUSB; C:\Windows\System32\DRIVERS\FlashUSB.sys [19968 2015-03-10] (Intel Mobile Communications)
S3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [20504 2009-02-26] (Hewlett Packard)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-01-27] (Intel Corporation)
S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [231152 2014-12-24] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-14] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MBIMSS; C:\Windows\System32\Drivers\swinbus01.sys [49144 2015-11-18] (Smith Micro Software, Inc.)
R3 MBIMSSfilter; C:\Windows\System32\Drivers\swinbus01f.sys [49144 2015-11-18] (Smith Micro Software, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
S1 ndisrd; C:\Windows\System32\DRIVERS\ndisrfl.sys [41176 2014-10-31] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw04.sys [3370248 2016-02-27] (Intel Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R1 OMNISMI; C:\Windows\SysWOW64\drivers\omnismi.sys [14776 2014-09-26] ()
S3 phidmice; C:\Windows\System32\DRIVERS\phidmice.sys [34816 2013-03-26] (TPMX Electronics Ltd.)
S3 pmouself; C:\Windows\System32\DRIVERS\pmouself.sys [23040 2013-03-26] (TPMX Electronics Ltd.)
S3 pvendrlf; C:\Windows\System32\DRIVERS\pvendrlf.sys [12288 2013-03-26] (TPMX Electronics Ltd.)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2980568 2014-12-09] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [41576 2015-11-16] (Synaptics Incorporated)
R3 SWMBIM; C:\Windows\System32\DRIVERS\SWMBIM01.sys [137720 2015-11-18] (Smith Micro Software, Inc.)
R3 SzCCID; C:\Windows\System32\DRIVERS\SzCCID.sys [39936 2013-12-05] (Generic)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

[ADA64]

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-20 16:28 - 2016-06-20 16:28 - 00029373 _____ C:\Users\JAG\Desktop\FRST.txt
2016-06-20 16:27 - 2016-06-20 16:28 - 00000000 ____D C:\FRST
2016-06-20 16:25 - 2016-06-20 16:25 - 02387456 _____ (Farbar) C:\Users\JAG\Desktop\FRST64.exe
16-06-17 15:36 - 2016-06-17 15:36 - 00027886 _____ C:\Users\JAG\Downloads\Falcon_BMS_4.32_Setup.torrent
2016-06-17 15:30 - 2016-06-17 15:30 - 03327970 _____ C:\Users\JAG\Downloads\42CVS_SKIN.zip.pdf
2016-06-17 14:59 - 2016-06-17 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MicroProse
2016-06-17 14:59 - 2016-06-17 14:59 - 00000000 ____D C:\MicroProse
2016-06-17 14:16 - 2016-06-17 14:20 - 00000000 ____D C:\Users\JAG\Downloads\Falcon
2016-06-17 14:11 - 1998-10-02 19:00 - 00327168 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2016-06-17 12:32 - 2016-06-17 12:32 - 00003065 _____ C:\Users\JAG\Documents\Můj film.wlmp
2016-06-17 12:14 - 2016-06-17 12:14 - 07870918 _____ C:\Users\JAG\Downloads\ASD1.avi
2016-06-17 12:13 - 2016-06-17 12:13 - 08476580 _____ C:\Users\JAG\Downloads\ASD.avi
2016-06-17 12:06 - 2016-06-17 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64 bits)
2016-06-17 12:04 - 2016-06-18 14:58 - 00000000 ____D C:\Users\JAG\AppData\Roaming\avidemux
2016-06-17 12:04 - 2016-06-17 12:06 - 00000925 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 64 bits.lnk
2016-06-17 12:04 - 2016-06-17 12:06 - 00000000 ____D C:\Program Files\Avidemux 2.6 - 64 bits
2016-06-17 12:02 - 2016-06-17 12:02 - 16551380 _____ C:\Users\JAG\Downloads\avidemux_2.6.12Win64-bit.exe
2016-06-17 11:39 - 2016-06-17 11:39 - 00001385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-06-17 11:39 - 2016-06-17 11:39 - 00001316 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-06-17 11:39 - 2016-06-17 11:39 - 00000000 ____D C:\Windows\cs
2016-06-17 11:39 - 2016-06-17 11:39 - 00000000 ____D C:\Program Files (x86)\Windows Live
2016-06-17 11:39 - 2016-06-17 11:39 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-06-17 11:39 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-06-17 11:39 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-06-17 11:39 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-06-17 11:39 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-06-17 11:39 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-06-17 11:39 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-06-17 11:39 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-06-17 11:39 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-06-17 11:39 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-06-17 11:39 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-06-17 11:39 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-06-17 11:39 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-06-17 11:38 - 2016-06-17 11:46 - 00000000 ____D C:\Users\JAG\AppData\Local\Windows Live
2016-06-16 15:27 - 2016-06-16 15:27 - 00001117 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2016-06-16 15:27 - 2016-06-16 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2016-06-16 15:25 - 2016-06-16 15:25 - 13677800 _____ (Google) C:\Users\JAG\Downloads\picasa.exe.EXE
2016-06-16 15:25 - 2016-06-16 15:25 - 01035592 _____ (Tik ) C:\Users\JAG\Downloads\picasa.exe
2016-06-16 11:46 - 2016-06-16 11:46 - 00001872 _____ C:\Users\JAG\Desktop\aswMBR.txt
2016-06-16 11:46 - 2016-06-16 11:46 - 00000512 _____ C:\Users\JAG\Desktop\MBR.dat
2016-06-16 11:41 - 2016-06-16 11:41 - 00013376 _____ C:\Users\JAG\Desktop\hijackthisCT
2016-06-16 11:40 - 2016-06-16 11:40 - 00046037 _____ C:\Users\JAG\Desktop\CombofixCT.txt
2016-06-16 11:33 - 2016-06-16 11:33 - 00046037 _____ C:\ComboFix.txt
2016-06-16 11:24 - 2016-06-16 11:24 - 00002678 _____ C:\Users\JAG\Desktop\Ukol.txt
2016-06-16 11:01 - 2016-06-16 11:01 - 05200384 _____ (AVAST Software) C:\Users\JAG\Desktop\aswmbr.exe
2016-06-15 15:58 - 2016-05-24 01:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-15 15:58 - 2016-05-24 00:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-15 15:58 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-15 15:58 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-15 15:58 - 2016-05-21 00:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-15 15:58 - 2016-05-21 00:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-15 15:58 - 2016-05-21 00:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-15 15:58 - 2016-05-21 00:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-15 15:58 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-15 15:58 - 2016-05-21 00:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-15 15:58 - 2016-05-21 00:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-15 15:58 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-15 15:58 - 2016-05-21 00:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-15 15:58 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-15 15:58 - 2016-05-21 00:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-15 15:58 - 2016-05-20 23:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-15 15:58 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-15 15:58 - 2016-05-20 23:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-15 15:58 - 2016-05-20 23:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-15 15:58 - 2016-05-20 23:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-15 15:58 - 2016-05-20 23:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-15 15:58 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-15 15:58 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-15 15:58 - 2016-05-20 23:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-15 15:58 - 2016-05-20 23:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-15 15:58 - 2016-05-20 23:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-15 15:58 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-15 15:58 - 2016-05-20 23:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-15 15:58 - 2016-05-20 23:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-15 15:58 - 2016-05-20 23:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-15 15:58 - 2016-05-20 23:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-15 15:58 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-15 15:58 - 2016-05-20 23:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-15 15:58 - 2016-05-20 23:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-15 15:58 - 2016-05-20 23:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-15 15:58 - 2016-05-20 23:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-15 15:58 - 2016-05-20 23:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-15 15:58 - 2016-05-20 23:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-15 15:58 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-15 15:58 - 2016-05-20 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-15 15:58 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-15 15:58 - 2016-05-20 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-15 15:58 - 2016-05-20 23:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-15 15:58 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-15 15:58 - 2016-05-20 23:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-15 15:58 - 2016-05-20 23:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-15 15:58 - 2016-05-20 23:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-15 15:58 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-15 15:58 - 2016-05-20 23:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-15 15:58 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-15 15:58 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-15 15:58 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-15 15:58 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-15 15:58 - 2016-05-20 23:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-15 15:58 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-15 15:58 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-15 15:58 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-15 15:58 - 2016-05-20 23:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-15 15:58 - 2016-05-20 23:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-15 15:58 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-15 15:58 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-15 15:58 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-15 15:58 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-15 15:58 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-15 15:58 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-15 15:58 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-15 15:58 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-15 15:58 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-15 15:58 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-15 15:58 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-15 15:58 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-15 15:58 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-15 15:58 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-15 15:58 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-15 15:58 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-15 15:58 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-15 15:58 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-15 15:58 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-15 15:58 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-15 15:58 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-15 15:58 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-15 15:58 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-15 15:58 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-15 15:58 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-15 15:58 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-15 15:58 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-15 15:58 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-15 15:58 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-15 15:58 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-15 15:58 - 2016-05-12 17:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2016-06-15 15:58 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-15 15:58 - 2016-05-12 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-15 15:58 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-15 15:58 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-15 15:58 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-15 15:58 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-15 15:58 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-15 15:58 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-15 15:58 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-15 15:58 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-15 15:58 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2016-06-15 15:58 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-15 15:58 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-15 15:58 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-15 15:58 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-15 15:58 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-15 15:58 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-15 15:58 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-15 15:58 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-15 15:58 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-15 15:58 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 15:58 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-15 15:58 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-15 15:58 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 15:58 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-15 15:58 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-15 15:58 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-14 18:15 - 2016-06-14 18:15 - 00032889 _____ C:\Users\JAG\Desktop\ComboFixLog.txt
2016-06-14 17:57 - 2016-06-14 17:57 - 00002564 _____ C:\Users\JAG\Desktop\Nevim.txt
2016-06-14 16:44 - 2016-06-16 11:33 - 00000000 ____D C:\Qoobox
2016-06-14 16:44 - 2016-06-16 11:30 - 00000000 ____D C:\Windows\erdnt
2016-06-14 16:44 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2016-06-14 16:44 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2016-06-14 16:44 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-06-14 16:44 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-06-14 16:44 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-06-14 16:44 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2016-06-14 16:44 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2016-06-14 16:44 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2016-06-14 16:40 - 2016-06-14 16:40 - 00000000 ____D C:\Users\JAG\Desktop\backups
2016-06-14 16:35 - 2016-06-14 16:35 - 05659224 ____R (Swearware) C:\Users\JAG\Desktop\ComboFix.exe
2016-06-14 14:11 - 2016-06-14 14:11 - 00016107 _____ C:\Users\JAG\Desktop\hijackthis UT1
2016-06-14 11:23 - 2016-06-14 11:23 - 00015530 _____ C:\Users\JAG\Desktop\hijackthis UT.txt
2016-06-14 11:22 - 2016-06-14 11:22 - 00000000 ____D C:\Users\JAG\AppData\Local\GHISLER
2016-06-14 11:20 - 2016-06-14 11:20 - 00013661 _____ C:\Users\JAG\Desktop\zoek-results.txt
2016-06-14 11:17 - 2016-06-14 11:04 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-06-14 11:04 - 2016-06-14 11:15 - 00000000 ____D C:\zoek_backup
2016-06-14 11:03 - 2016-06-14 11:03 - 01309184 _____ C:\Users\JAG\Desktop\zoek.exe
2016-06-14 11:01 - 2016-06-14 11:01 - 00006516 _____ C:\Users\JAG\Desktop\rk_8417.tmp.txt
2016-06-14 10:10 - 2016-06-14 10:11 - 24206920 _____ C:\Users\JAG\Desktop\RogueKillerX64.exe
2016-06-13 20:50 - 2016-06-13 20:50 - 00017508 _____ C:\Users\JAG\Downloads\INFD_WSCR_29322f2627.pdf
2016-06-13 11:08 - 2016-06-14 10:17 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-06-13 11:07 - 2016-06-13 11:35 - 00000000 ____D C:\ProgramData\RogueKiller
2016-06-13 10:56 - 2016-06-14 10:19 - 00004247 _____ C:\Users\JAG\Desktop\JRT.txt
2016-06-13 10:45 - 2016-06-06 18:58 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-13 10:45 - 2016-06-06 18:50 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-13 10:45 - 2016-06-03 15:05 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-13 10:45 - 2016-05-27 15:06 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-13 10:45 - 2016-05-27 15:06 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-13 10:45 - 2016-05-27 15:06 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-13 10:45 - 2016-05-27 15:06 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-13 10:45 - 2016-05-22 15:06 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-13 09:02 - 2016-06-13 09:02 - 01610816 _____ (Malwarebytes) C:\Users\JAG\Desktop\JRT.exe
2016-06-10 16:53 - 2016-06-10 16:53 - 00017508 _____ C:\Users\JAG\Downloads\INFD_WSCR_c8c43cfa9b.pdf
2016-06-10 16:51 - 2016-06-10 16:51 - 00009560 _____ C:\Users\JAG\Downloads\INFD_WSCR_3cbad319b9.pdf
2016-06-07 15:46 - 2016-06-13 10:41 - 00000000 ____D C:\AdwCleaner
2016-06-07 15:45 - 2016-06-07 15:44 - 03677248 _____ C:\Users\JAG\Desktop\AdwCleaner.exe
2016-06-07 15:44 - 2016-06-07 15:44 - 03677248 _____ C:\Users\JAG\Downloads\AdwCleaner.exe
2016-06-07 15:32 - 2016-06-07 15:33 - 00448512 _____ (OldTimer Tools) C:\Users\JAG\Downloads\TFC.exe
2016-06-06 16:42 - 2016-06-14 15:56 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-06 16:42 - 2016-06-06 16:42 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-06 16:42 - 2016-06-06 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-06 16:42 - 2016-06-06 16:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-06 16:42 - 2016-06-06 16:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-06 16:42 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-06 16:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-06 16:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-06 14:31 - 2016-06-06 14:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\JAG\Downloads\HijackThis (1).exe
2016-06-06 14:24 - 2016-06-06 14:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\JAG\Desktop\HijackThis.exe
2016-06-06 13:27 - 2016-06-06 14:07 - 00003220 _____ C:\Windows\System32\Tasks\GridinSoft Anti-Malware
2016-06-06 13:27 - 2016-06-06 13:27 - 00000000 ____D C:\ProgramData\GridinSoft
2016-06-06 13:26 - 2016-06-06 13:27 - 62215344 _____ C:\Users\JAG\Downloads\gsam-3.0.38-setup.exe
2016-06-06 06:48 - 2016-06-06 06:48 - 02870984 _____ (ESET) C:\Users\JAG\Downloads\esetsmartinstaller_csy.exe
2016-06-02 19:18 - 2016-06-06 12:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-06-02 13:48 - 2016-06-02 13:48 - 25148104 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2016-06-02 13:48 - 2016-06-02 13:48 - 01423512 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2016-06-02 13:48 - 2016-06-02 13:48 - 01420384 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2016-06-02 13:48 - 2016-06-02 13:48 - 00231320 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2016-06-02 13:48 - 2016-06-02 13:48 - 00219296 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2016-06-02 13:48 - 2016-06-02 13:48 - 00194872 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2016-06-02 13:48 - 2016-06-02 13:48 - 00185992 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2016-06-02 13:47 - 2016-06-02 13:47 - 18046528 _____ C:\Windows\system32\igd11dxva64.dll
2016-06-02 13:47 - 2016-06-02 13:47 - 01502024 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2016-06-02 13:47 - 2016-06-02 13:47 - 01154400 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2016-06-02 13:46 - 2016-06-02 13:46 - 17566536 _____ C:\Windows\SysWOW64\igd11dxva32.dll
2016-06-02 13:46 - 2016-06-02 13:46 - 08818088 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2016-06-02 13:45 - 2016-06-02 13:45 - 00294048 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2016-06-02 13:45 - 2016-06-02 13:45 - 00273776 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2016-06-02 13:40 - 2016-06-02 13:40 - 00617976 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2016-06-02 13:39 - 2016-06-02 13:39 - 02048512 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2016-06-02 13:39 - 2016-06-02 13:39 - 00392168 _____ C:\Windows\system32\igfxTray.exe
2016-06-02 13:39 - 2016-06-02 13:39 - 00381952 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2016-06-02 13:39 - 2016-06-02 13:39 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2016-06-02 13:39 - 2016-06-02 13:39 - 00313856 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2016-06-02 13:39 - 2016-06-02 13:39 - 00289256 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2016-06-02 13:39 - 2016-06-02 13:39 - 00258536 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2016-06-02 13:39 - 2016-06-02 13:39 - 00228840 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-06-02 13:39 - 2016-06-02 13:39 - 00199168 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4432.dll
2016-06-02 13:39 - 2016-06-02 13:39 - 00095232 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2016-06-02 13:39 - 2016-06-02 13:39 - 00091136 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2016-06-02 13:39 - 2016-06-02 13:39 - 00044032 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2016-06-02 13:39 - 2016-06-02 13:39 - 00018944 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2016-06-02 13:39 - 2016-06-02 13:39 - 00018936 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2016-06-02 13:39 - 2016-06-02 13:39 - 00013824 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2016-06-02 13:39 - 2016-06-02 13:39 - 00013824 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 15993856 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 04932072 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-06-02 13:38 - 2016-06-02 13:38 - 03606520 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 03339264 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 01381376 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 01074688 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 00707072 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 00323560 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2016-06-02 13:38 - 2016-06-02 13:38 - 00296960 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 00264704 _____ C:\Windows\system32\igfxCPL.cpl
2016-06-02 13:38 - 2016-06-02 13:38 - 00228352 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 00218104 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 00184832 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 00095232 _____ C:\Windows\system32\igfxCUIServicePS.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 00082432 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 00069624 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 00019968 _____ ( ) C:\Windows\system32\igfxDILib.dll
2016-06-02 13:38 - 2016-06-02 13:38 - 00019448 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2016-06-02 13:37 - 2016-06-02 13:37 - 10863608 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2016-06-02 13:37 - 2016-06-02 13:37 - 07506432 _____ (Intel Corporation) C:\Windows\SysWOW64\ig8icd32.dll
2016-06-02 13:37 - 2016-06-02 13:37 - 00434176 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2016-06-02 13:37 - 2016-06-02 13:37 - 00384504 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2016-06-02 13:37 - 2016-06-02 13:37 - 00200696 _____ C:\Windows\system32\igdde64.dll
2016-06-02 13:37 - 2016-06-02 13:37 - 00182776 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2016-06-02 13:37 - 2016-06-02 13:37 - 00163840 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2016-06-02 13:37 - 2016-06-02 13:37 - 00161784 _____ C:\Windows\SysWOW64\igdde32.dll
2016-06-02 13:36 - 2016-06-02 13:36 - 01139704 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2016-06-02 13:36 - 2016-06-02 13:36 - 01050088 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2016-06-02 13:36 - 2016-06-02 13:36 - 01046504 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2016-06-02 13:36 - 2016-06-02 13:36 - 00458216 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2016-06-02 13:36 - 2016-06-02 13:36 - 00348648 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2016-06-02 13:35 - 2016-06-02 13:35 - 00349160 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2016-06-02 13:35 - 2016-06-02 13:35 - 00166376 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2016-06-02 13:32 - 2016-06-02 13:32 - 09516024 _____ (Intel Corporation) C:\Windows\system32\ig8icd64.dll
2016-06-02 13:32 - 2016-06-02 13:32 - 00102904 _____ C:\Windows\system32\IccLibDll_x64.dll
2016-06-02 13:12 - 2016-06-02 13:12 - 00403671 _____ C:\Windows\system32\ImageStabilization.wmv
2016-06-02 13:12 - 2016-06-02 13:12 - 00004052 _____ C:\Windows\system32\iglhxs64.vp
2016-06-02 13:11 - 2016-06-02 13:11 - 06725162 _____ C:\Windows\system32\igdclbif.bin
2016-06-02 13:11 - 2016-06-02 13:11 - 00641530 _____ C:\Windows\system32\FilmModeDetection.wmv
2016-06-02 13:11 - 2016-06-02 13:11 - 00375173 _____ C:\Windows\system32\ColorImageEnhancement.wmv
2016-06-02 13:11 - 2016-06-02 13:11 - 00000935 _____ C:\Windows\system32\Gfxv4_0.exe.config
2016-06-02 13:11 - 2016-06-02 13:11 - 00000935 _____ C:\Windows\system32\DPTopologyApp.exe.config
2016-06-02 13:11 - 2016-06-02 13:11 - 00000895 _____ C:\Windows\system32\Gfxv2_0.exe.config
2016-06-02 13:11 - 2016-06-02 13:11 - 00000895 _____ C:\Windows\system32\DPTopologyAppv2_0.exe.config
2016-06-01 15:24 - 2016-06-01 15:24 - 05446888 _____ (Gaijin Entertainment ) C:\Users\JAG\Downloads\wt_launcher_1.0.1.632.exe
2016-06-01 12:10 - 2016-06-01 13:12 - 00004270 _____ C:\SISTodo
2016-06-01 12:10 - 2016-06-01 13:12 - 00000042 _____ C:\SISHashTodo
2016-05-31 15:25 - 2016-05-31 15:25 - 00013738 _____ C:\Users\JAG\Downloads\addon_152_signed.xpi
2016-05-31 15:23 - 2016-05-31 15:23 - 00077691 _____ C:\Users\JAG\Downloads\chrome-youtube-downloader-2.6.14.zip
2016-05-31 15:12 - 2016-05-31 15:12 - 00010443 _____ C:\Users\JAG\Downloads\ClipConverter.user.js
2016-05-31 13:51 - 2016-05-31 13:51 - 00038206 _____ C:\Users\JAG\Downloads\order_400.pdf
2016-05-30 13:39 - 2016-05-30 13:39 - 00380068 _____ (Irfan Skiljan) C:\Users\JAG\Downloads\irfanview_lang_czech.exe
2016-05-30 13:38 - 2016-05-30 13:38 - 26303840 _____ (Irfan Skiljan) C:\Users\JAG\Downloads\irfanview_plugins_x64_441_setup.exe
2016-05-30 13:38 - 2016-05-30 13:38 - 00001859 _____ C:\Users\JAG\Desktop\IrfanView 64 Thumbnails.lnk
2016-05-30 13:38 - 2016-05-30 13:38 - 00000985 _____ C:\Users\JAG\Desktop\IrfanView 64.lnk
2016-05-30 13:38 - 2016-05-30 13:38 - 00000000 ____D C:\Users\JAG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-05-30 13:38 - 2016-05-30 13:38 - 00000000 ____D C:\Users\JAG\AppData\Roaming\IrfanView
2016-05-30 13:38 - 2016-05-30 13:38 - 00000000 ____D C:\Program Files\IrfanView
2016-05-30 13:36 - 2016-05-30 13:36 - 03350368 _____ (Irfan Skiljan) C:\Users\JAG\Downloads\iview441_x64_setup.exe
2016-05-30 12:34 - 2016-06-15 16:39 - 00000000 ____D C:\Windows\pss
2016-05-26 14:41 - 2016-05-26 14:41 - 12304975 _____ C:\Users\JAG\Downloads\CSCZE_CG3533_GLX_og_200701.pdf
2016-05-26 14:33 - 2016-05-26 14:34 - 36513143 _____ C:\Users\JAG\Downloads\Manual-C-max-od-2007.pdf
2016-05-26 13:41 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-05-26 13:41 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-05-26 13:41 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-05-26 13:41 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-05-26 13:41 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-05-26 13:41 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-05-26 13:41 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-05-26 13:41 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-05-26 13:41 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-05-26 13:41 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-05-26 13:41 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-05-26 13:41 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-05-26 13:41 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-05-26 13:41 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-05-26 13:41 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-05-26 13:41 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-05-26 13:41 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-05-26 13:41 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-05-24 15:00 - 2016-05-26 14:00 - 00000000 ____D C:\Users\JAG\AppData\Local\ACD Systems
2016-05-24 15:00 - 2016-05-24 15:00 - 00000000 ____D C:\Users\JAG\AppData\Roaming\ACD Systems
2016-05-24 15:00 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-05-24 15:00 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-05-24 14:59 - 2016-05-24 14:59 - 00000000 ____D C:\Users\JAG\AppData\Local\Downloaded Installations
2016-05-24 14:59 - 2016-05-24 14:59 - 00000000 ____D C:\ProgramData\ACD Systems
2016-05-24 14:56 - 2016-05-24 14:56 - 01299752 _____ C:\Users\JAG\Downloads\acdseepro.exe
2016-05-24 14:53 - 2016-05-24 14:53 - 01324664 _____ C:\Users\JAG\Downloads\acdsee.exe
2016-05-23 17:04 - 2016-05-23 17:04 - 00103245 _____ C:\Users\JAG\Downloads\tech_nakres_mad501bnrz (1).pdf
2016-05-23 17:03 - 2016-05-23 17:03 - 00103245 _____ C:\Users\JAG\Downloads\tech_nakres_mad501bnrz.pdf
2016-05-21 23:54 - 2016-05-21 23:55 - 00000000 ____D C:\Users\JAG\Downloads\Mapy Lipno
2016-05-21 23:54 - 2016-05-21 23:54 - 00000000 ____D C:\Users\JAG\Downloads\Lipno GoPro

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-20 16:25 - 2016-01-05 13:01 - 00000000 ____D C:\Users\JAG\Documents\Soubory aplikace Outlook
2016-06-20 16:20 - 2009-07-14 06:45 - 00032208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-20 16:20 - 2009-07-14 06:45 - 00032208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-20 16:15 - 2015-12-13 01:06 - 00000000 ____D C:\Users\JAG\AppData\Roaming\Skype
2016-06-18 15:06 - 2015-08-29 14:32 - 00672046 _____ C:\Windows\system32\perfh005.dat
2016-06-18 15:06 - 2015-08-29 14:32 - 00142610 _____ C:\Windows\system32\perfc005.dat
2016-06-18 15:06 - 2009-07-14 07:13 - 01591814 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-18 15:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-18 15:02 - 2016-02-16 13:33 - 00000000 ___RD C:\Users\JAG\Disk Google
2016-06-18 15:01 - 2016-04-08 13:27 - 00000000 ____D C:\ProgramData\Synaptics
2016-06-18 15:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-17 15:30 - 2016-02-13 14:02 - 00000000 ____D C:\Users\JAG\AppData\Roaming\vlc
2016-06-17 15:04 - 2016-04-13 13:53 - 00000000 ____D C:\Users\JAG\AppData\Local\CrashDumps
2016-06-17 11:39 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-06-16 16:21 - 2016-02-13 14:01 - 00001077 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-06-16 15:27 - 2015-12-10 23:37 - 00000000 ____D C:\Users\JAG\AppData\Local\Google
2016-06-16 15:26 - 2015-12-10 23:37 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-16 15:10 - 2016-01-05 12:50 - 00000000 ____D C:\Users\JAG\Documents\!Personal
2016-06-16 13:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-06-16 11:32 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-06-16 11:30 - 2009-07-14 04:34 - 90177536 _____ C:\Windows\system32\config\SOFTWARE.bak
2016-06-16 11:30 - 2009-07-14 04:34 - 55312384 _____ C:\Windows\system32\config\components.bak
2016-06-16 11:30 - 2009-07-14 04:34 - 31195136 _____ C:\Windows\system32\config\SYSTEM.bak
2016-06-16 11:30 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2016-06-16 11:30 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2016-06-16 11:30 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2016-06-15 22:40 - 2010-11-21 05:27 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-15 16:14 - 2009-07-14 06:45 - 00467384 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-15 16:03 - 2015-12-10 23:53 - 00000000 ____D C:\Windows\system32\MRT
2016-06-15 16:00 - 2015-12-10 23:53 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-14 13:58 - 2016-04-27 11:26 - 00002096 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2016-06-14 13:58 - 2015-12-10 22:42 - 00000000 ____D C:\Users\JAG\AppData\Local\Lenovo
2016-06-14 13:58 - 2015-08-29 15:00 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2016-06-14 13:58 - 2015-08-29 15:00 - 00000000 ____D C:\Windows\Downloaded Installations
2016-06-13 10:46 - 2015-12-11 04:15 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-13 10:38 - 2015-12-10 22:42 - 00000000 __SHD C:\Users\JAG\IntelGraphicsProfiles
2016-06-10 07:57 - 2015-12-10 23:41 - 00002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-08 13:57 - 2015-12-13 01:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-08 13:57 - 2015-12-13 01:06 - 00000000 ____D C:\ProgramData\Skype
2016-06-06 13:22 - 2015-12-13 00:53 - 00000000 ____D C:\Users\JAG\AppData\Local\Microsoft Help
2016-06-06 13:07 - 2016-03-17 20:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-02 13:48 - 2015-09-24 13:48 - 04932264 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2016-06-02 13:48 - 2015-08-29 14:50 - 06258544 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2016-06-02 13:48 - 2015-08-29 14:50 - 00045952 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2016-06-02 13:47 - 2015-09-24 13:47 - 24344400 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2016-06-02 13:46 - 2015-08-29 14:50 - 09624800 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2016-06-02 13:39 - 2015-08-29 14:50 - 00095232 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2016-06-02 13:39 - 2015-08-29 14:50 - 00091136 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2016-06-02 13:38 - 2015-08-29 14:50 - 00354280 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2016-06-01 12:07 - 2016-01-08 21:30 - 00000000 ____D C:\SWSHARE
2016-05-30 14:02 - 2015-12-10 22:42 - 00000000 ____D C:\Users\JAG\AppData\Local\VirtualStore
2016-05-29 17:17 - 2016-02-16 13:29 - 00002053 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-05-29 17:17 - 2016-02-16 13:29 - 00002051 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-05-29 17:17 - 2016-02-16 13:29 - 00002041 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-05-29 17:17 - 2016-02-16 13:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-05-28 21:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-28 10:09 - 2016-02-08 11:55 - 00000000 ____D C:\Users\JAG\Downloads\Iveco_ceny
2016-05-26 13:57 - 2015-12-11 04:15 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-26 13:57 - 2015-12-11 04:15 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-23 23:10 - 2016-02-22 16:27 - 00000000 ____D C:\Users\JAG\AppData\Roaming\EurekaLog

==================== Files in the root of some directories =======

2016-01-24 13:06 - 2016-01-25 13:25 - 0038067 _____ () C:\Users\JAG\AppData\Roaming\Microsoft Excel 97-2003.ADR
2016-03-17 10:28 - 2016-03-17 10:28 - 0007623 _____ () C:\Users\JAG\AppData\Local\Resmon.ResmonCfg
2015-08-29 14:58 - 2015-08-29 14:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-01-15 17:41 - 2016-04-04 17:47 - 0007423 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\JAG\AppData\Local\Temp\vlc-2.2.4-win32.exe


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-17 12:50

==================== End of FRST.txt ============================

[ADA64]

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-06-2016 01
Ran by JAG (2016-06-20 16:28:57)
Running from C:\Users\JAG\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-12-10 20:42:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-377955874-304036406-2546264200-500 - Administrator - Disabled)
Guest (S-1-5-21-377955874-304036406-2546264200-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-377955874-304036406-2546264200-1002 - Limited - Enabled)
JAG (S-1-5-21-377955874-304036406-2546264200-1000 - Administrator - Enabled) => C:\Users\JAG

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 20.2.1 - HP Inc.) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.198 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.40.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.40.0 - Alcor Micro Corp.) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{d5572863-793c-4ec8-872a-43cccc68b948}) (Version: 18.40.0 - Intel Corporation)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
BufferChm (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeviceDiscovery (x32 Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DisplayLink Core Software (HKLM\...\{58F4C39B-D946-4A45-A314-DEFC2AFDF397}) (Version: 7.5.54609.0 - DisplayLink Corp.)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Falcon 4.0 (HKLM-x32\...\Falcon 4.0) (Version: - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HP Color LaserJet CM1312 MFP Series 5.1 (HKLM\...\{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}) (Version: 5.1 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hppCLJCM1312 (x32 Version: 005.001.00142 - Hewlett-Packard) Hidden
hppFaxDrvCM1312 (x32 Version: 005.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1312 (x32 Version: 005.001.00137 - Název společnosti:) Hidden
hppFonts (x32 Version: 001.001.00061 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppManualsCM1312 (x32 Version: 005.001.00145 - Název společnosti:) Hidden
hppPQVideoCM1312 (x32 Version: 005.001.00142 - Hewlett-Packard) Hidden
hppQFolderCM1312 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
hppScanToCM1312 (x32 Version: 005.001.00140 - Název společnosti:) Hidden
hppSendFaxCM1312 (x32 Version: 005.000.00001 - Název společnosti:) Hidden
hppTLBXFXCM1312 (x32 Version: 001.017.00050 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
hpzTLBXFX (x32 Version: 005.003.00171 - Hewlett-Packard) Hidden
Inst5676 (Version: 8.01.57 - Softex Inc.) Hidden
Integrated Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10291 - Realtek Semiconductor Corp.)
Integrated Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11073 - Realtek Semiconductor Corp.)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4432 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.3.60 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{3F5D407B-86F5-4CA5-8F83-7C00BBB69080}) (Version: 5.1.23.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1450.402) (HKLM\...\{302600C1-6BDF-4FD1-1411-148929CC1385}) (Version: 17.1.1411.0502 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.81.00.08 - Lenovo)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.20 - Lenovo)
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.18.0 - Lenovo)
Lenovo Fingerprint Manager Pro (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.57 - Lenovo)
Lenovo Fingerprint Manager Pro (Version: 8.01.57 - Lenovo) Hidden
Lenovo Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.6.0004.00 - Lenovo Group Limited)
Lenovo Mouse Suite (HKLM\...\MouseSuite98) (Version: 6.74 - Lenovo)
Lenovo On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.80.05 - Lenovo)
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.10 - Lenovo)
Lenovo PowerENGAGE (HKLM-x32\...\{15B15395-FF53-44E1-ADAD-FCC279E3CA10}) (Version: 2.51.0040 - Lenovo Inc.)
Lenovo QuickControl (HKLM-x32\...\{04128C8C-7812-4DCC-816E-9C8AB1D6EECE}) (Version: 2.40 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0022 - Lenovo)
Lenovo USB Graphics (HKLM\...\{E6B1FE9A-CB1E-4096-A0AF-163419CB971C}) (Version: 7.5.54614.0 - Lenovo)
Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.17 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Message Center Plus (HKLM\...\{EE4D9822-C7F3-4386-8703-889CDDA22FAA}) (Version: 3.4.0001.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office 2010 pro podnikatele (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Milestone XProtect Smart Client 2014 (64-bit) (HKLM\...\{2DAA8349-5698-4F3F-B634-F31AE3159CC6}) (Version: 9.0.1.510 - Milestone Systems A/S)
Milestone XProtect Smart Client 2014 (64-bit) (Version: 9.0.1.510 - Milestone Systems A/S) Hidden
ModemAuthenticator (HKLM-x32\...\{C6190DA9-5329-4BFD-A81E-5569A324CB35}) (Version: 1.0.16 - Intel Mobile Communications)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.1.5990 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 cs)) (Version: 45.1.1 - Mozilla)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.10 - Lenovo Group Limited)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21247 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7368 - Realtek Semiconductor Corp.)
Rescue and Recovery (HKLM-x32\...\{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}) (Version: 4.51.0045.00 - Lenovo Group Limited)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
Sierra Wireless EM7345 4G LTE Software (HKLM-x32\...\SWIIntelDrvInstaller) (Version: 2.14.10830.4412 - Sierra Wireless, Inc.)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.27.32 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (HKLM\...\{1C3CE37F-B15A-4438-9E7A-C15B18E27625}) (Version: 4.5.327.0 - Synaptics)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.327.0 - )
Thinkpad USB Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.14.1114.2014 - Lenovo)
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.26.81 - Lenovo)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.70.2.0 - Lenovo Group Limited)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
TrayApp (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Verizon Wireless Mobile Broadband Self Activation (HKLM-x32\...\{193CA6A6-E735-40B1-AA92-F611B291792C}) (Version: 3.2.2 - Smith Micro Software, Inc.)
Vision32 (HKLM-x32\...\Vision32_is1) (Version: - Vision Praha s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WebReg (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows Driver Package - Intel (e1dexpress) Net (07/15/2014 12.12.50.7202) (HKLM\...\9831220A78BC6CDB16870D8F80FF2AB41814019A) (Version: 07/15/2014 12.12.50.7202 - Intel)
Windows Driver Package - Intel Corporation (iaStorA) HDC (11/06/2014 13.6.0.1002) (HKLM\...\55320B67E6FF26D5CF6A352973677B5A68BD028B) (Version: 11/06/2014 13.6.0.1002 - Intel Corporation)
Windows Driver Package - Lenovo 1.67.09.03 (11/07/2014 1.67.09.03) (HKLM\...\FA3F6F3D6E8958FDDEE1E09CC77DFA71B0D7835A) (Version: 11/07/2014 1.67.09.03 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00613A91-ADD0-4D2F-99F2-0FFC5452DE13} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {1088BBD1-68B7-4AD5-BF5F-ABD48B3C684F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {156D1F72-EE98-47D9-BFEB-E0BB77753F0A} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-10] ()
Task: {157D196F-A1BF-4291-973C-6723A9A7101C} - System32\Tasks\TVT\LaunchFR => C:\Program Files (x86)\Lenovo\Factory Recovery\FRReminder.exe [2014-08-21] (TODO: <Company name>)
Task: {1A8F9B0B-3C5A-4796-826A-6F59D9286594} - System32\Tasks\TVT\UpdateRnR => C:\Program Files (x86)\Common Files\LENOVO\Scheduler\tvtsetsched.exe [2013-03-11] ()
Task: {2BE3B392-18B2-4BCD-AF7F-80670AC908F3} - System32\Tasks\TVT\LaunchRnR => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [2013-03-11] (Lenovo Limited Group Corporation)
Task: {32553D10-BEF6-467B-AF00-0C0F05392E79} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
Task: {3C4A9E89-4A6C-481A-B37F-5C72C653ABDA} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {3D788925-9206-4136-A70B-676DF9712849} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo)
Task: {509ECBB8-DAAB-48B5-84A2-B5EE16C69EE5} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-10-07] (Realtek Semiconductor)
Task: {5F39D2D1-B8C0-4D22-990C-0DBF115350EB} - System32\Tasks\TVT\ChangePWD => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [2013-03-11] (Lenovo Limited Group Corporation)
Task: {670B74BE-D3D1-4723-8249-36AAFE5179FB} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2015-03-23] (Lenovo)
Task: {677C3EAF-7397-454B-A6DC-9EA64DAC3061} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {7D893781-4E61-42C4-B02F-6FC0238129AC} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-01] (Realtek Semiconductor)
Task: {8242F399-3CBF-43B3-9863-653DCA62E3F9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {82F8BBB6-6DC3-4250-8E21-F0E72472DC88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {855DD51C-3BF0-4C4B-8B15-123ECC4968F6} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-01-13] ()
Task: {87B8CBF2-3B6F-4C67-95AD-EC874DA50594} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {8BF0998D-AB08-4469-BCBE-4B0A4C2B29B2} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {8D70FCA5-E6EE-4045-9D49-50E32B2002E2} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-01] (Realtek Semiconductor)
Task: {B0A9964E-1C30-4D1E-8D85-FEB25B0B8361} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {B71BE21E-DA45-4D72-A9E3-96DF760E9452} - System32\Tasks\Lenovo\Lenovo PowerENGAGE => C:\Program Files (x86)\Lenovo Registration\lenovoreg.exe [2015-01-09] (Aviata Inc)
Task: {D8A18D8A-BA9D-47C3-B4FD-E713BBF9FF51} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
Task: {DD749C41-B291-4FE4-9384-BF1A7A8CF048} - System32\Tasks\Lenovo\Lenovo PowerENGAGE Update => C:\Program Files (x86)\Lenovo Registration\lenovoreg.exe [2015-01-09] (Aviata Inc)
Task: {E1FCDBE6-FC1C-44EE-88F9-B2A14146840E} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2016-04-14] (Lenovo Group Limited)
Task: {EB8CE162-6884-4485-8A3E-08316F276CCF} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\JAG\Desktop\Jiri - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\JAG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\JAG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Clicking Speed Test.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=ainfcnbaendflhcngeajchpabooflble
ShortcutWithArgument: C:\Users\JAG\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Jiri - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\JAG\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\JAG\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Jiří - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2015-11-18 23:57 - 2015-11-18 23:57 - 00113288 _____ () C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\firmwareupdaterservice.exe
2015-11-18 23:57 - 2015-11-18 23:57 - 00577672 _____ () C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareApp.exe
2015-12-13 00:29 - 2015-07-09 12:17 - 00184088 _____ () C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
2015-08-29 15:00 - 2016-04-14 06:08 - 00107008 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2016-02-20 20:18 - 2014-10-21 11:29 - 00601376 _____ () C:\Program Files\Lenovo\Password Manager\pwm_website_config.dll
2016-04-15 20:07 - 2016-04-15 20:07 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-08-29 15:00 - 2011-08-02 21:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2015-08-29 15:00 - 2011-08-02 21:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2014-10-21 11:26 - 2014-10-21 11:26 - 00546592 _____ () C:\Program Files (x86)\Lenovo\Password Manager\pwm_website_config.dll
2016-06-18 15:02 - 2016-06-18 15:02 - 00098816 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\win32api.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00110080 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\pywintypes27.dll
2016-06-18 15:02 - 2016-06-18 15:02 - 00364544 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\pythoncom27.dll
2016-06-18 15:02 - 2016-06-18 15:02 - 00320512 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\win32com.shell.shell.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00776704 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\_hashlib.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 01176576 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\wx._core_.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00806400 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\wx._gdi_.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00816128 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\wx._windows_.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 01067008 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\wx._controls_.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00733184 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\wx._misc_.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00682496 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\pysqlite2._sqlite.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00088064 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\_ctypes.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00119808 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\win32file.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00108544 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\win32security.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00007168 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\hashobjs_ext.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00017920 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\thumbnails_ext.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00088064 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\usb_ext.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00012288 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\common.time34.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00018432 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\win32event.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00167936 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\win32gui.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00046080 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\_socket.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 01208320 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\_ssl.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00128512 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\_elementtree.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00127488 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\pyexpat.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00038912 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\win32inet.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00036864 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\_psutil_windows.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00525208 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\windows._lib_cacheinvalidation.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00011264 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\win32crypt.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00077312 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\wx._html2.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00027136 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\_multiprocessing.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00020480 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\_yappi.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00035840 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\win32process.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00686080 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\unicodedata.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00078848 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\wx._animate.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00123392 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\wx._wizard.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00024064 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\win32pipe.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00010240 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\select.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00025600 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\win32pdh.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00017408 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\win32profile.pyd
2016-06-18 15:02 - 2016-06-18 15:02 - 00022528 ____R () C:\Users\JAG\AppData\Local\Temp\_MEI45802\win32ts.pyd
2014-10-10 18:37 - 2014-10-10 18:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-06-16 11:32 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-377955874-304036406-2546264200-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\JAG\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.254 - 10.0.0.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^JAG^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk => C:\Windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
MSCONFIG\startupreg: Daemon for Mouse Suite => C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE 30
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: PWMTRV => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
MSCONFIG\startupreg: RtsCM => RTSCM64.EXE
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: ToolBoxFX => "C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{CA6C5BCF-C5F0-4989-864D-C65EA8F95C71}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{508C7FE6-2C27-42A5-928B-CC81930BF614}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{4947519F-C00F-4903-ABB6-CD84DCE88715}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{D9C214BF-6FC9-4D31-93BC-6CF5D9A7C98C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B6D96D3E-1E1A-42C4-A6E3-F16171E0786C}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{D7D5FEEC-9B02-4CB5-A123-FB79B4D52F8E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{3ED565A6-7029-40C4-8664-584965A0B4CE}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{295F67EA-4AD6-4D79-ABCB-49DCB0A15AB7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{D83CC866-C331-424A-9217-BEB026D9C651}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{37DB09E7-61B1-4E06-B3C9-CB671C498D4D}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe] => (Allow) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe
FirewallRules: [UDP Query User{26AF3EDA-97B7-46ED-A75B-E983D0BFF15E}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe] => (Allow) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe
FirewallRules: [{AB12395E-A443-4250-AA8F-D846AF2158E3}] => (Block) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe
FirewallRules: [{886BE91E-3CD1-4BF5-9AC7-18B30F791964}] => (Block) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe
FirewallRules: [{8BCEE381-915D-4E77-9967-85969AB8985E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E37EC826-4728-48DA-94C6-4B9773AA6710}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FF4EF0F1-5920-4880-9C6E-58B72ACDD9B5}] => (Allow) LPort=2869
FirewallRules: [{2712B547-77EA-4971-ACC9-8828413BEA35}] => (Allow) LPort=1900

==================== Restore Points =========================

13-06-2016 09:05:34 Windows Update
13-06-2016 10:45:58 Windows Update
13-06-2016 10:54:41 JRT Pre-Junkware Removal
13-06-2016 16:52:31 Windows Update
14-06-2016 11:05:17 zoek.exe restore point
14-06-2016 13:10:26 Windows Update
14-06-2016 13:58:28 Installed Lenovo Solution Center.
15-06-2016 15:58:26 Windows Update
17-06-2016 11:38:47 Windows Live Essentials
17-06-2016 11:38:55 Nainstalováno rozhraní DirectX
17-06-2016 11:39:04 Nainstalováno rozhraní DirectX
17-06-2016 11:39:16 Nainstalováno rozhraní DirectX
17-06-2016 11:39:30 WLSetup
19-06-2016 13:15:10 Windows Update

==================== Faulty Device Manager Devices =============

Name: Intel(R) Technology Access Filter Driver
Description: Intel(R) Technology Access Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ndisrd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/18/2016 03:02:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/17/2016 03:04:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: falcon4.exe, verze: 1.0.0.1, časové razítko: 0x3669b0cc
Název chybujícího modulu: falcon4.exe, verze: 1.0.0.1, časové razítko: 0x3669b0cc
Kód výjimky: 0xc0000005
Posun chyby: 0x00172dfc
ID chybujícího procesu: 0x1cdc
Čas spuštění chybující aplikace: 0xfalcon4.exe0
Cesta k chybující aplikaci: falcon4.exe1
Cesta k chybujícímu modulu: falcon4.exe2
ID zprávy: falcon4.exe3

Error: (06/17/2016 12:19:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: avidemux.exe, verze: 2.6.14.29232, časové razítko: 0x00020000
Název chybujícího modulu: avidemux.exe, verze: 2.6.14.29232, časové razítko: 0x00020000
Kód výjimky: 0x40000015
Posun chyby: 0x000000000003997a
ID chybujícího procesu: 0x1278
Čas spuštění chybující aplikace: 0xavidemux.exe0
Cesta k chybující aplikaci: avidemux.exe1
Cesta k chybujícímu modulu: avidemux.exe2
ID zprávy: avidemux.exe3

Error: (06/17/2016 12:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: avidemux.exe, verze: 2.6.14.29232, časové razítko: 0x00020000
Název chybujícího modulu: avidemux.exe, verze: 2.6.14.29232, časové razítko: 0x00020000
Kód výjimky: 0x40000015
Posun chyby: 0x000000000003997a
ID chybujícího procesu: 0x2150
Čas spuštění chybující aplikace: 0xavidemux.exe0
Cesta k chybující aplikaci: avidemux.exe1
Cesta k chybujícímu modulu: avidemux.exe2
ID zprávy: avidemux.exe3

Error: (06/16/2016 11:56:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/16/2016 11:31:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2016 04:35:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2016 04:14:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2016 03:55:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2016 05:59:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/18/2016 03:04:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service neuspěla při spuštění v důsledku následující chyby:
%%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Error: (06/18/2016 03:04:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) HD Graphics Control Panel Service bylo dosaženo časového limitu (30000 ms).

Error: (06/18/2016 03:03:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom
ndisrd

Error: (06/18/2016 03:03:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.

Error: (06/18/2016 03:01:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service neuspěla při spuštění v důsledku následující chyby:
%%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Error: (06/18/2016 03:01:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) HD Graphics Control Panel Service bylo dosaženo časového limitu (30000 ms).

Error: (06/18/2016 03:01:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Lenovo Platform Service bylo dosaženo časového limitu (30000 ms).

Error: (06/16/2016 02:30:47 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 116.3.0.0

Zdroj aktualizace: %NT AUTHORITY51

Fáze aktualizace: 4.9.0218.00

Zdrojová cesta: 4.9.0218.01

Typ podpisu: %NT AUTHORITY602

Typ aktualizace: %NT AUTHORITY604

Uživatel: NT AUTHORITY\NETWORK SERVICE

Aktuální verze modulu: %NT AUTHORITY605

Předchozí verze modulu: %NT AUTHORITY606

Kód chyby: %NT AUTHORITY607

Popis chyby: %NT AUTHORITY608

Error: (06/16/2016 02:30:47 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.223.1665.0

Zdroj aktualizace: %NT AUTHORITY51

Fáze aktualizace: 4.9.0218.00

Zdrojová cesta: 4.9.0218.01

Typ podpisu: %NT AUTHORITY602

Typ aktualizace: %NT AUTHORITY604

Uživatel: NT AUTHORITY\NETWORK SERVICE

Aktuální verze modulu: %NT AUTHORITY605

Předchozí verze modulu: %NT AUTHORITY606

Kód chyby: %NT AUTHORITY607

Popis chyby: %NT AUTHORITY608

Error: (06/16/2016 02:30:47 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.223.1665.0

Zdroj aktualizace: %NT AUTHORITY51

Fáze aktualizace: 4.9.0218.00

Zdrojová cesta: 4.9.0218.01

Typ podpisu: %NT AUTHORITY602

Typ aktualizace: %NT AUTHORITY604

Uživatel: NT AUTHORITY\NETWORK SERVICE

Aktuální verze modulu: %NT AUTHORITY605

Předchozí verze modulu: %NT AUTHORITY606

Kód chyby: %NT AUTHORITY607

Popis chyby: %NT AUTHORITY608


CodeIntegrity:
===================================
Date: 2016-06-16 11:29:48.319
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-16 11:29:48.279
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-16 11:29:48.249
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-16 11:29:48.209
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-16 11:27:40.109
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-16 11:27:40.069
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-16 11:27:40.039
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-16 11:27:39.999
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-14 17:43:31.331
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-14 17:43:31.201
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-5600U CPU @ 2.60GHz
Percentage of memory in use: 28%
Total physical RAM: 11984.09 MB
Available physical RAM: 8551.74 MB
Total Virtual: 23966.36 MB
Available Virtual: 20733.11 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:460.02 GB) (Free:135.11 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.45 GB) (Free:4.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 1F4772FA)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=460 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Stav: zatím vše stejné viz minulý příspěvek.

[jaro3]

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-377955874-304036406-2546264200-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-377955874-304036406-2546264200-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKU\S-1-5-21-377955874-304036406-2546264200-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - hxxps://clients2.google.com/service/update2/crx
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
C:\ProgramData\DP45977C.lfl
C:\ProgramData\hpzinstall.log
C:\Users\JAG\AppData\Local\Temp\vlc-2.2.4-win32.exe
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll
Task: {1088BBD1-68B7-4AD5-BF5F-ABD48B3C684F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\JAG\AppData\Local\Temp\_MEI45802

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[ADA64]

1) Fixlist

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-06-2016 02
Ran by JAG (2016-06-27 19:09:01) Run:3
Running from C:\Users\JAG\Desktop
Loaded Profiles: JAG (Available Profiles: JAG)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-377955874-304036406-2546264200-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-377955874-304036406-2546264200-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKU\S-1-5-21-377955874-304036406-2546264200-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - hxxps://clients2.google.com/service/update2/crx
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
C:\ProgramData\DP45977C.lfl
C:\ProgramData\hpzinstall.log
C:\Users\JAG\AppData\Local\Temp\vlc-2.2.4-win32.exe
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll
Task: {1088BBD1-68B7-4AD5-BF5F-ABD48B3C684F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\JAG\AppData\Local\Temp\_MEI45802

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKU\S-1-5-21-377955874-304036406-2546264200-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-377955874-304036406-2546264200-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key not found.
HKU\S-1-5-21-377955874-304036406-2546264200-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => key not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj" => key removed successfully
catchme => service not found.
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\hpzinstall.log => moved successfully
"C:\Users\JAG\AppData\Local\Temp\vlc-2.2.4-win32.exe" => not found.
"C:\Windows\SysWOW64\dlumd10.dll" => not found.
"C:\Windows\SysWOW64\dlumd11.dll" => not found.
"C:\Windows\SysWOW64\dlumd9.dll" => not found.
"C:\Windows\System32\dlumd10.dll" => not found.
"C:\Windows\System32\dlumd11.dll" => not found.
"C:\Windows\System32\dlumd9.dll" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1088BBD1-68B7-4AD5-BF5F-ABD48B3C684F} => key not found.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key not found.
"C:\Users\JAG\AppData\Local\Temp\_MEI45802" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11487947 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 238034 B
Edge => 0 B
Chrome => 164275293 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 23246 B
JAG => 42484875 B

RecycleBin => 0 B
EmptyTemp: => 216.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:09:13 ====

[ADA64]

2) OTL
OTL logfile created on: 27.6.2016 19:16:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JAG\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18349)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

11,70 Gb Total Physical Memory | 8,62 Gb Available Physical Memory | 73,69% Memory free
23,40 Gb Paging File | 20,61 Gb Available in Paging File | 88,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 460,02 Gb Total Space | 133,79 Gb Free Space | 29,08% Space Free | Partition Type: NTFS
Drive Q: | 15,45 Gb Total Space | 4,81 Gb Free Space | 31,11% Space Free | Partition Type: NTFS

Computer Name: JAG-PC | User Name: JAG | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\JAG\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Lenovo)
PRC - C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (Lenovo)
PRC - C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareApp.exe ()
PRC - C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareUpdaterService.exe ()
PRC - C:\Program Files (x86)\Sierra Wireless Inc\Utils\SwiService.exe (Sierra Wireless, Inc.)
PRC - C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Intel Mobile Communications\ModemAuthenticator\IntelModemAuthenticator.exe (Intel Mobile Communications)
PRC - C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Common Files\LENOVO\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)


========== Modules (No Company Name) ==========

MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\wx._core_.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\wx._controls_.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\wx._windows_.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\wx._gdi_.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\wx._misc_.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\unicodedata.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\pysqlite2._sqlite.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\windows._lib_cacheinvalidation.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\pythoncom27.dll ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\win32com.shell.shell.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\win32gui.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\pyexpat.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\wx._wizard.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\win32file.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\win32security.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\win32api.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\usb_ext.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\wx._animate.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\wx._html2.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\win32inet.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\win32process.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\win32pdh.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\win32pipe.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\win32ts.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\win32event.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\thumbnails_ext.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\win32profile.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\win32crypt.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\select.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\_ssl.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\_hashlib.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\_elementtree.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\PyWinTypes27.dll ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\_ctypes.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\_socket.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\_psutil_windows.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\_multiprocessing.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\_yappi.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\common.time34.pyd ()
MOD - C:\Users\JAG\AppData\Local\Temp\_MEI57602\hashobjs_ext.pyd ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\6b3bc806e6d6a2c73c6d9f1429395698\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a57805cc2d492d82e327b83ab24fad62\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\36599a72e79974ff4c004c43df9fce2b\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\d03eb8a47500f40d5428f9c6875f8e56\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\affcb83bba04f782c2586a1788330891\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareApp.exe ()
MOD - C:\Program Files (x86)\Lenovo\Password Manager\pwm_website_config.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (IBMPMSVC) -- C:\Windows\SysNative\ibmpmsvc.exe (Lenovo.)
SRV:64bit: - (LPlatSvc) -- C:\Windows\SysNative\LPlatSvc.exe (Lenovo.)
SRV:64bit: - (LSC.Services.SystemService) -- C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe (Lenovo)
SRV:64bit: - (igfxCUIService2.0.0.0) -- C:\Windows\SysNative\igfxCUIService.exe (Intel Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (TPHKLOAD) -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (valWBFPolicyService) -- C:\Windows\SysNative\valWBFPolicyService.exe (Synaptics Incorporated)
SRV:64bit: - (LENOVO.MICMUTE) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
SRV:64bit: - (LENOVO.TVTVCAM) -- C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Group Limited)
SRV:64bit: - (LENOVO.TPKNRSVC) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited)
SRV:64bit: - (LENOVO.CAMMUTE) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)
SRV:64bit: - (TPHDEXLGSVC) -- C:\Windows\SysNative\TPHDEXLG64.exe (Lenovo.)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (Lenovo.VIRTSCRLSVC) -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Lenovo Group Limited)
SRV:64bit: - (PelService) -- C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe ()
SRV:64bit: - (TPHKSVC) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (DisplayLinkService) -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (DisplayLink Corp.)
SRV:64bit: - (lnvDiscoveryWinSvc) -- C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe (Lenovo)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Power Manager DBC Service) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe (Lenovo)
SRV - (DozeSvc) -- C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE (Lenovo.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes)
SRV - (AcSvc) -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo)
SRV - (AcPrfMgrSvc) -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo)
SRV - (ShareItSvc) -- C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.Service.exe (SHAREit Technologies Co.Ltd)
SRV - (SUService) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe ()
SRV - (FirmwareUpdaterService) -- C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareUpdaterService.exe ()
SRV - (SwiService) -- C:\Program Files (x86)\Sierra Wireless Inc\Utils\SwiService.exe (Sierra Wireless, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (iumsvc) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel Corporation)
SRV - (IntelModemAuthenticator) -- C:\Program Files (x86)\Intel Mobile Communications\ModemAuthenticator\IntelModemAuthenticator.exe (Intel Mobile Communications)
SRV - (Sony PC Companion) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (LenovoProdRegManager) -- C:\Program Files (x86)\Lenovo Registration\EngageService.exe (Aviata, Inc.)
SRV - (iBtSiva) -- C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe (Intel Corporation)
SRV - (Lenovo EasyPlus Hotspot) -- C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe (Lenovo)
SRV - (QuickControlService) -- C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe (Lenovo Group Limited)
SRV - (QuickControlMasterSvc) -- C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe (Lenovo Group Limited)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Motorola Solutions, Inc.)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (ThinkVantage Registry Monitor Service) -- C:\Program Files (x86)\Common Files\LENOVO\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (HP LaserJet Service) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)


========== Driver Services (SafeList) ==========

DRV:64bit: - (IBMPMDRV) -- C:\Windows\SysNative\drivers\ibmpmdrv.sys (Lenovo.)
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (DzHDD64) -- C:\Windows\SysNative\drivers\DZHDD64.SYS (Lenovo.)
DRV:64bit: - (TPPWRIF) -- C:\Windows\SysNative\drivers\TPPWR64V.SYS (Lenovo Group Limited)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\Netwsw04.sys (Intel Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (e1dexpress) -- C:\Windows\SysNative\drivers\e1d62x64.sys (Intel Corporation)
DRV:64bit: - (SWMBIM) -- C:\Windows\SysNative\drivers\SWMBIM01.sys (Smith Micro Software, Inc.)
DRV:64bit: - (MBIMSSfilter) -- C:\Windows\SysNative\drivers\swinbus01f.sys (Smith Micro Software, Inc.)
DRV:64bit: - (MBIMSS) -- C:\Windows\SysNative\drivers\swinbus01.sys (Smith Micro Software, Inc.)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (Shockprf) -- C:\Windows\SysNative\drivers\ApsX64.sys (Lenovo.)
DRV:64bit: - (TPDIGIMN) -- C:\Windows\SysNative\drivers\ApsHM64.sys (Lenovo.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (FlashUSB) -- C:\Windows\SysNative\drivers\FlashUSB.sys (Intel Mobile Communications)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (iaStorF) -- C:\Windows\SysNative\drivers\iaStorF.sys (Intel Corporation)
DRV:64bit: - (ibtusb) -- C:\Windows\SysNative\drivers\ibtusb.sys (Intel Corporation)
DRV:64bit: - (rtsuvc) -- C:\Windows\SysNative\drivers\rtsuvc.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Motorola Solutions, Inc.)
DRV:64bit: - (ndisrd) -- C:\Windows\SysNative\drivers\ndisrfl.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Motorola Solutions, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (RTSPER) -- C:\Windows\SysNative\drivers\RtsPer.sys (Realsil Semiconductor Corporation)
DRV:64bit: - (SzCCID) -- C:\Windows\SysNative\drivers\SzCCID.sys (Generic)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (pvendrlf) -- C:\Windows\SysNative\drivers\pvendrlf.SYS (TPMX Electronics Ltd.)
DRV:64bit: - (phidmice) -- C:\Windows\SysNative\drivers\phidmice.sys (TPMX Electronics Ltd.)
DRV:64bit: - (pmouself) -- C:\Windows\SysNative\drivers\pmouself.SYS (TPMX Electronics Ltd.)
DRV:64bit: - (usbrndis6) -- C:\Windows\SysNative\drivers\usb80236.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (psadd) -- C:\Windows\SysNative\drivers\psadd.sys (Lenovo Information Product(ShenZhen China) Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (HPFXBULK) -- C:\Windows\SysNative\drivers\hpfx64bulk.sys (Hewlett Packard)
DRV:64bit: - (HPEWSFXBULK) -- C:\Windows\SysNative\drivers\hpfx64bulk.sys (Hewlett Packard)
DRV - (OMNISMI) -- C:\Windows\SysWOW64\drivers\omnismi.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A}
IE:64bit: - HKLM\..\SearchScopes\{FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LNJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A}
IE - HKLM\..\SearchScopes\{FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LNJB

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = E1 ED 6B 3F 61 C9 D1 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LNJB
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\Users\JAG\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 45.1.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 45.1.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{FCF36B88-1BBA-487f-B64B-D2E8980A9293}: C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension [2016.05.09 14:54:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 45.1.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 45.1.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2016.03.17 20:19:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JAG\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - Extension: No name found = C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_1\
CHR - Extension: No name found = C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_1\
CHR - Extension: No name found = C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_1\
CHR - Extension: No name found = C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_1\
CHR - Extension: No name found = C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh\3.2_1\
CHR - Extension: No name found = C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj\4.60.3_0\
CHR - Extension: No name found = C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_1\
CHR - Extension: No name found = C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\

O1 HOSTS File: ([2016.06.16 11:32:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Pomocná služba pro přihlášení k účtu Microsoft) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe (Lenovo)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [PasswordManager] C:\Program Files\Lenovo\Password Manager\password_manager.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF756B82-3253-49C7-B0CF-FFDBDEF14241}: DhcpNameServer = 10.0.0.254 10.0.0.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D62D3F38-7F97-43AA-BC12-844E2A17F7E9}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[ADA64]

========== Files/Folders - Created Within 30 Days ==========

[2016.06.27 19:06:44 | 002,389,504 | ---- | C] (Farbar) -- C:\Users\JAG\Desktop\FRST64.exe
[2016.06.27 14:20:58 | 005,546,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2016.06.27 14:20:58 | 003,943,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2016.06.27 14:20:58 | 003,244,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2016.06.27 14:20:58 | 003,156,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2016.06.27 14:20:58 | 001,732,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2016.06.27 14:20:58 | 000,709,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2016.06.27 14:20:58 | 000,631,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2016.06.27 14:20:58 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2016.06.27 14:20:58 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2016.06.27 14:20:58 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2016.06.27 14:20:58 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2016.06.27 14:20:58 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2016.06.27 14:20:58 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2016.06.27 14:20:58 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2016.06.27 14:20:58 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2016.06.27 14:20:58 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2016.06.27 14:20:58 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2016.06.27 14:20:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2016.06.27 14:20:58 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2016.06.27 14:20:58 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2016.06.27 14:20:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2016.06.27 14:20:57 | 003,998,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2016.06.27 14:20:57 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2016.06.27 14:20:57 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2016.06.27 14:20:57 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2016.06.27 14:20:57 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2016.06.27 14:20:57 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2016.06.27 14:20:57 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2016.06.27 14:20:57 | 000,862,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2016.06.27 14:20:57 | 000,706,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2016.06.27 14:20:57 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2016.06.27 14:20:57 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2016.06.27 14:20:57 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2016.06.27 14:20:57 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2016.06.27 14:20:57 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2016.06.27 14:20:57 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2016.06.27 14:20:57 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2016.06.27 14:20:57 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2016.06.27 14:20:57 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2016.06.27 14:20:57 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2016.06.27 14:20:57 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2016.06.27 14:20:57 | 000,114,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2016.06.27 14:20:57 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2016.06.27 14:20:56 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2016.06.27 14:20:56 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2016.06.27 14:20:56 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2016.06.27 14:20:56 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2016.06.27 14:20:56 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2016.06.27 14:20:56 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2016.06.27 14:20:56 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2016.06.27 14:20:56 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2016.06.27 14:20:56 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2016.06.27 14:20:56 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2016.06.27 14:20:56 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2016.06.27 14:20:56 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2016.06.27 14:20:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2016.06.27 14:20:56 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2016.06.27 14:20:56 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2016.06.27 14:20:56 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2016.06.27 14:20:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2016.06.27 14:20:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2016.06.27 14:20:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2016.06.27 14:20:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2016.06.27 14:20:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2016.06.27 14:20:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2016.06.27 14:20:56 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2016.06.27 14:20:56 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2016.06.27 14:20:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2016.06.27 14:20:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2016.06.27 14:20:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2016.06.27 14:20:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2016.06.27 14:20:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2016.06.27 14:20:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2016.06.27 14:20:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2016.06.27 14:20:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2016.06.27 14:20:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2016.06.27 14:20:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2016.06.27 14:20:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2016.06.27 14:20:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2016.06.27 14:20:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2016.06.27 14:20:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2016.06.27 14:20:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2016.06.27 14:20:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2016.06.27 14:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2016.06.27 14:20:55 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2016.06.27 14:20:55 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2016.06.27 14:20:55 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2016.06.27 14:20:55 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2016.06.27 14:20:55 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2016.06.27 14:20:55 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2016.06.27 14:20:55 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2016.06.27 14:20:55 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2016.06.27 14:20:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2016.06.27 14:20:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2016.06.23 19:00:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\JAG\Desktop\OTL.exe
[2016.06.23 07:49:44 | 000,058,368 | ---- | C] (Lenovo.) -- C:\Windows\SysNative\tpinspm.dll
[2016.06.23 07:49:40 | 000,180,736 | ---- | C] (Lenovo.) -- C:\Windows\SysNative\ibmpmsvc.exe
[2016.06.23 07:49:38 | 000,082,240 | ---- | C] (Lenovo.) -- C:\Windows\SysNative\drivers\ibmpmdrv.sys
[2016.06.23 07:49:30 | 000,088,064 | ---- | C] (Lenovo.) -- C:\Windows\SysNative\ibmpmctl.exe
[2016.06.23 07:44:06 | 000,710,144 | ---- | C] (Lenovo.) -- C:\Windows\SysNative\LPlatSvc.exe
[2016.06.20 16:27:09 | 000,000,000 | ---D | C] -- C:\FRST
[2016.06.17 14:59:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MicroProse
[2016.06.17 14:59:09 | 000,000,000 | ---D | C] -- C:\MicroProse
[2016.06.17 14:11:36 | 000,327,168 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2016.06.17 12:06:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64 bits)
[2016.06.17 12:04:55 | 000,000,000 | ---D | C] -- C:\Users\JAG\AppData\Roaming\avidemux
[2016.06.17 12:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\Avidemux 2.6 - 64 bits
[2016.06.17 11:39:47 | 000,000,000 | ---D | C] -- C:\Windows\cs
[2016.06.17 11:39:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2016.06.17 11:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2016.06.17 11:39:25 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2016.06.17 11:39:25 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2016.06.17 11:39:25 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2016.06.17 11:39:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2016.06.17 11:39:24 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2016.06.17 11:39:24 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2016.06.17 11:39:24 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2016.06.17 11:39:24 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2016.06.17 11:39:12 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2016.06.17 11:39:12 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2016.06.17 11:39:02 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2016.06.17 11:39:02 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2016.06.17 11:38:47 | 000,000,000 | ---D | C] -- C:\Users\JAG\AppData\Local\Windows Live
[2016.06.17 11:37:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2016.06.16 15:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2016.06.16 11:33:53 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2016.06.16 11:32:51 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2016.06.16 11:01:40 | 005,200,384 | ---- | C] (AVAST Software) -- C:\Users\JAG\Desktop\aswmbr.exe
[2016.06.15 15:58:20 | 000,725,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2016.06.15 15:58:20 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2016.06.15 15:58:20 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2016.06.15 15:58:20 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2016.06.15 15:58:20 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2016.06.15 15:58:20 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2016.06.15 15:58:20 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2016.06.15 15:58:20 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2016.06.15 15:58:20 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2016.06.15 15:58:20 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2016.06.15 15:58:20 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2016.06.15 15:58:20 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2016.06.15 15:58:20 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2016.06.15 15:58:19 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2016.06.15 15:58:19 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2016.06.15 15:58:19 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2016.06.15 15:58:19 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2016.06.15 15:58:18 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2016.06.15 15:58:18 | 000,806,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2016.06.15 15:58:18 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2016.06.15 15:58:18 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2016.06.15 15:58:18 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2016.06.15 15:58:18 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2016.06.15 15:58:18 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2016.06.15 15:58:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2016.06.15 15:58:17 | 002,131,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2016.06.15 15:58:17 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2016.06.15 15:58:17 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2016.06.15 15:58:17 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2016.06.15 15:58:17 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2016.06.15 15:58:16 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2016.06.15 15:58:16 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2016.06.15 15:58:16 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2016.06.15 15:58:16 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2016.06.15 15:58:15 | 006,051,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2016.06.15 15:58:15 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2016.06.15 15:58:15 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2016.06.15 15:58:15 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2016.06.15 15:58:15 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2016.06.15 15:58:15 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2016.06.15 15:58:14 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2016.06.15 15:58:14 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2016.06.15 15:58:14 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2016.06.15 15:58:09 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2016.06.15 15:58:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netbtugc.exe
[2016.06.15 15:58:09 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netbtugc.exe
[2016.06.15 15:58:08 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
[2016.06.15 15:58:07 | 000,249,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcryptprimitives.dll
[2016.06.15 15:58:05 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2016.06.15 15:58:05 | 000,382,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2016.06.15 15:58:05 | 000,308,456 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2016.06.15 15:58:05 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2016.06.15 15:58:05 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2016.06.15 15:58:05 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2016.06.15 15:58:05 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2016.06.15 15:58:05 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2016.06.15 15:58:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2016.06.15 15:58:04 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpprefcl.dll
[2016.06.15 15:58:04 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpprefcl.dll
[2016.06.15 15:58:04 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\polstore.dll
[2016.06.15 15:58:04 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\polstore.dll
[2016.06.15 15:58:04 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winipsec.dll
[2016.06.15 15:58:04 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2016.06.15 15:58:04 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FwRemoteSvr.dll
[2016.06.15 15:58:04 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winipsec.dll
[2016.06.15 15:58:04 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2016.06.15 15:58:04 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpscript.dll
[2016.06.15 15:58:04 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpscript.dll
[2016.06.15 15:58:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpscript.exe
[2016.06.15 15:58:04 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpscript.exe
[2016.06.15 15:58:03 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2016.06.14 16:44:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2016.06.14 16:44:54 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2016.06.14 16:44:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2016.06.14 16:44:41 | 000,000,000 | ---D | C] -- C:\Qoobox
[2016.06.14 16:44:30 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2016.06.14 16:40:42 | 000,000,000 | ---D | C] -- C:\Users\JAG\Desktop\backups
[2016.06.14 16:35:33 | 005,659,224 | R--- | C] (Swearware) -- C:\Users\JAG\Desktop\ComboFix.exe
[2016.06.14 11:22:46 | 000,000,000 | ---D | C] -- C:\Users\JAG\AppData\Local\GHISLER
[2016.06.14 11:17:07 | 000,000,000 | ---D | C] -- C:\Users\JAG\AppData\Local\Temp
[2016.06.14 11:04:03 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2016.06.13 11:07:09 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2016.06.13 10:45:37 | 001,413,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2016.06.13 10:45:36 | 001,204,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2016.06.13 10:45:36 | 000,569,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2016.06.13 10:45:36 | 000,544,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2016.06.13 10:45:36 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2016.06.13 10:45:36 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\centel.dll
[2016.06.13 10:45:36 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2016.06.13 10:45:36 | 000,041,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2016.06.13 09:02:39 | 001,610,816 | ---- | C] (Malwarebytes) -- C:\Users\JAG\Desktop\JRT.exe
[2016.06.07 15:46:00 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016.06.06 16:42:46 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016.06.06 16:42:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2016.06.06 16:42:27 | 000,140,672 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2016.06.06 16:42:27 | 000,064,896 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2016.06.06 16:42:27 | 000,027,008 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2016.06.06 16:42:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2016.06.06 16:42:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2016.06.06 14:24:11 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\JAG\Desktop\HijackThis.exe
[2016.06.06 13:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\GridinSoft
[2016.06.02 19:18:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2016.06.02 13:48:34 | 001,423,512 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2016.06.02 13:48:32 | 001,420,384 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2016.06.02 13:48:28 | 000,231,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2016.06.02 13:48:26 | 000,194,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2016.06.02 13:48:24 | 000,219,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2016.06.02 13:48:22 | 000,185,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2016.06.02 13:48:00 | 025,148,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumdim64.dll
[2016.06.02 13:47:12 | 001,502,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdmd64.dll
[2016.06.02 13:47:06 | 001,154,400 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdmd32.dll
[2016.06.02 13:46:08 | 008,818,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10iumd32.dll
[2016.06.02 13:45:56 | 000,294,048 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10idpp64.dll
[2016.06.02 13:45:54 | 000,273,776 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10idpp32.dll
[2016.06.02 13:40:54 | 000,617,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\MetroIntelGenericUIFramework.dll
[2016.06.02 13:39:30 | 000,381,952 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll
[2016.06.02 13:39:26 | 000,313,856 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll
[2016.06.02 13:39:26 | 000,289,256 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2016.06.02 13:39:22 | 000,095,232 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\Intel_OpenCL_ICD32.dll
[2016.06.02 13:39:22 | 000,091,136 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\Intel_OpenCL_ICD64.dll
[2016.06.02 13:39:16 | 000,199,168 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v4432.dll
[2016.06.02 13:39:14 | 000,380,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxOSP.dll
[2016.06.02 13:39:10 | 002,048,512 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxLHM.dll
[2016.06.02 13:39:04 | 000,258,536 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxHK.exe
[2016.06.02 13:39:02 | 000,228,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2016.06.02 13:39:02 | 000,044,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2016.06.02 13:38:58 | 000,323,560 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxEM.exe
[2016.06.02 13:38:58 | 000,228,352 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxDTCM.dll
[2016.06.02 13:38:54 | 000,296,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxDI.dll
[2016.06.02 13:38:50 | 000,707,072 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxDH.dll
[2016.06.02 13:38:42 | 001,381,376 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2016.06.02 13:38:38 | 001,074,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2016.06.02 13:38:36 | 000,218,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfx11cmrt64.dll
[2016.06.02 13:38:34 | 000,184,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfx11cmrt32.dll
[2016.06.02 13:38:32 | 003,606,520 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll
[2016.06.02 13:38:24 | 003,339,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll
[2016.06.02 13:38:14 | 004,932,072 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2016.06.02 13:38:06 | 015,993,856 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdfcl64.dll
[2016.06.02 13:37:42 | 010,863,608 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdfcl32.dll
[2016.06.02 13:37:24 | 000,434,176 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll
[2016.06.02 13:37:22 | 000,384,504 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll
[2016.06.02 13:37:20 | 000,182,776 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdail64.dll
[2016.06.02 13:37:18 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdail32.dll
[2016.06.02 13:37:02 | 007,506,432 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig8icd32.dll
[2016.06.02 13:36:12 | 001,050,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\Gfxv4_0.exe
[2016.06.02 13:36:08 | 001,046,504 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\Gfxv2_0.exe
[2016.06.02 13:36:06 | 000,458,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUIEx.exe
[2016.06.02 13:36:02 | 001,139,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxResources.dll
[2016.06.02 13:36:02 | 000,348,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\DPTopologyAppv2_0.exe
[2016.06.02 13:35:58 | 000,349,160 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\DPTopologyApp.exe
[2016.06.02 13:35:56 | 000,166,376 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2016.06.02 13:32:36 | 009,516,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig8icd64.dll
[2016.05.30 13:38:09 | 000,000,000 | ---D | C] -- C:\Users\JAG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2016.05.30 13:38:09 | 000,000,000 | ---D | C] -- C:\Users\JAG\AppData\Roaming\IrfanView
[2016.05.30 13:38:08 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2016.05.30 12:34:20 | 000,000,000 | ---D | C] -- C:\Windows\pss

========== Files - Modified Within 30 Days ==========

[2016.06.27 19:20:03 | 000,032,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.06.27 19:20:03 | 000,032,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.06.27 19:14:52 | 001,591,814 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016.06.27 19:14:52 | 000,672,046 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016.06.27 19:14:52 | 000,657,044 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016.06.27 19:14:52 | 000,142,610 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016.06.27 19:14:52 | 000,122,856 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016.06.27 19:09:54 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2016.06.27 19:09:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016.06.27 19:09:44 | 834,736,126 | -HS- | M] () -- C:\hiberfil.sys
[2016.06.27 19:06:54 | 002,389,504 | ---- | M] (Farbar) -- C:\Users\JAG\Desktop\FRST64.exe
[2016.06.23 19:00:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JAG\Desktop\OTL.exe
[2016.06.23 07:49:44 | 000,058,368 | ---- | M] (Lenovo.) -- C:\Windows\SysNative\tpinspm.dll
[2016.06.23 07:49:40 | 000,180,736 | ---- | M] (Lenovo.) -- C:\Windows\SysNative\ibmpmsvc.exe
[2016.06.23 07:49:38 | 000,082,240 | ---- | M] (Lenovo.) -- C:\Windows\SysNative\drivers\ibmpmdrv.sys
[2016.06.23 07:49:30 | 000,088,064 | ---- | M] (Lenovo.) -- C:\Windows\SysNative\ibmpmctl.exe
[2016.06.23 07:44:06 | 000,710,144 | ---- | M] (Lenovo.) -- C:\Windows\SysNative\LPlatSvc.exe
[2016.06.17 12:32:34 | 000,003,065 | ---- | M] () -- C:\Users\JAG\Documents\Můj film.wlmp
[2016.06.17 12:06:52 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\Avidemux 2.6 - 64 bits.lnk
[2016.06.16 16:21:13 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2016.06.16 15:27:08 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2016.06.16 11:46:38 | 000,000,512 | ---- | M] () -- C:\Users\JAG\Desktop\MBR.dat
[2016.06.16 11:41:25 | 000,013,376 | ---- | M] () -- C:\Users\JAG\Desktop\hijackthisCT
[2016.06.16 11:32:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2016.06.16 11:01:50 | 005,200,384 | ---- | M] (AVAST Software) -- C:\Users\JAG\Desktop\aswmbr.exe
[2016.06.15 16:14:02 | 000,467,384 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2016.06.14 16:35:52 | 005,659,224 | R--- | M] (Swearware) -- C:\Users\JAG\Desktop\ComboFix.exe
[2016.06.14 15:56:58 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016.06.14 14:11:22 | 000,016,107 | ---- | M] () -- C:\Users\JAG\Desktop\hijackthis UT1
[2016.06.14 13:58:45 | 000,002,096 | ---- | M] () -- C:\Users\Public\Desktop\Lenovo Solution Center.lnk
[2016.06.14 11:04:03 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2016.06.14 11:03:26 | 001,309,184 | ---- | M] () -- C:\Users\JAG\Desktop\zoek.exe
[2016.06.14 10:17:40 | 000,028,272 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2016.06.14 10:11:05 | 024,206,920 | ---- | M] () -- C:\Users\JAG\Desktop\RogueKillerX64.exe
[2016.06.13 09:02:54 | 001,610,816 | ---- | M] (Malwarebytes) -- C:\Users\JAG\Desktop\JRT.exe
[2016.06.07 15:44:12 | 003,677,248 | ---- | M] () -- C:\Users\JAG\Desktop\AdwCleaner.exe
[2016.06.06 18:58:26 | 000,041,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2016.06.06 18:50:13 | 001,204,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2016.06.06 16:42:32 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016.06.06 14:24:12 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\JAG\Desktop\HijackThis.exe
[2016.06.03 15:05:46 | 001,413,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2016.06.02 13:48:34 | 001,423,512 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2016.06.02 13:48:32 | 001,420,384 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2016.06.02 13:48:28 | 000,231,320 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2016.06.02 13:48:26 | 000,194,872 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2016.06.02 13:48:26 | 000,045,952 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2016.06.02 13:48:24 | 000,219,296 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2016.06.02 13:48:22 | 006,258,544 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdusc64.dll
[2016.06.02 13:48:22 | 000,185,992 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2016.06.02 13:48:10 | 004,932,264 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdusc32.dll
[2016.06.02 13:48:00 | 025,148,104 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdumdim64.dll
[2016.06.02 13:47:30 | 024,344,400 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdumdim32.dll
[2016.06.02 13:47:12 | 001,502,024 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdmd64.dll
[2016.06.02 13:47:06 | 001,154,400 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdmd32.dll
[2016.06.02 13:47:02 | 018,046,528 | ---- | M] () -- C:\Windows\SysNative\igd11dxva64.dll
[2016.06.02 13:46:38 | 017,566,536 | ---- | M] () -- C:\Windows\SysWow64\igd11dxva32.dll
[2016.06.02 13:46:22 | 009,624,800 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igd10iumd64.dll
[2016.06.02 13:46:08 | 008,818,088 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igd10iumd32.dll
[2016.06.02 13:45:56 | 000,294,048 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igd10idpp64.dll
[2016.06.02 13:45:54 | 000,273,776 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igd10idpp32.dll
[2016.06.02 13:40:54 | 000,617,976 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\MetroIntelGenericUIFramework.dll
[2016.06.02 13:39:30 | 000,381,952 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll
[2016.06.02 13:39:26 | 000,313,856 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll
[2016.06.02 13:39:26 | 000,289,256 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2016.06.02 13:39:22 | 000,095,232 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.DLL
[2016.06.02 13:39:22 | 000,095,232 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\Intel_OpenCL_ICD32.dll
[2016.06.02 13:39:22 | 000,091,136 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.DLL
[2016.06.02 13:39:22 | 000,091,136 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\Intel_OpenCL_ICD64.dll
[2016.06.02 13:39:16 | 000,392,168 | ---- | M] () -- C:\Windows\SysNative\igfxTray.exe
[2016.06.02 13:39:16 | 000,199,168 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v4432.dll
[2016.06.02 13:39:14 | 000,380,416 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxOSP.dll
[2016.06.02 13:39:12 | 000,013,824 | ---- | M] ( ) -- C:\Windows\SysNative\igfxLHMLibv2_0.dll
[2016.06.02 13:39:12 | 000,013,824 | ---- | M] ( ) -- C:\Windows\SysNative\igfxLHMLib.dll
[2016.06.02 13:39:10 | 002,048,512 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxLHM.dll
[2016.06.02 13:39:04 | 000,258,536 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxHK.exe
[2016.06.02 13:39:02 | 000,228,840 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2016.06.02 13:39:02 | 000,044,032 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2016.06.02 13:39:00 | 000,018,944 | ---- | M] ( ) -- C:\Windows\SysNative\igfxEMLibv2_0.dll
[2016.06.02 13:39:00 | 000,018,936 | ---- | M] ( ) -- C:\Windows\SysNative\igfxEMLib.dll
[2016.06.02 13:38:58 | 000,323,560 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxEM.exe
[2016.06.02 13:38:58 | 000,228,352 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxDTCM.dll
[2016.06.02 13:38:56 | 000,019,448 | ---- | M] ( ) -- C:\Windows\SysNative\igfxDILibv2_0.dll
[2016.06.02 13:38:54 | 000,296,960 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxDI.dll
[2016.06.02 13:38:54 | 000,082,432 | ---- | M] ( ) -- C:\Windows\SysNative\igfxDHLibv2_0.dll
[2016.06.02 13:38:54 | 000,019,968 | ---- | M] ( ) -- C:\Windows\SysNative\igfxDILib.dll
[2016.06.02 13:38:52 | 000,069,624 | ---- | M] ( ) -- C:\Windows\SysNative\igfxDHLib.dll
[2016.06.02 13:38:50 | 000,707,072 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxDH.dll
[2016.06.02 13:38:48 | 000,095,232 | ---- | M] () -- C:\Windows\SysNative\igfxCUIServicePS.dll
[2016.06.02 13:38:46 | 000,354,280 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxCUIService.exe
[2016.06.02 13:38:46 | 000,264,704 | ---- | M] () -- C:\Windows\SysNative\igfxCPL.cpl
[2016.06.02 13:38:42 | 001,381,376 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2016.06.02 13:38:38 | 001,074,688 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2016.06.02 13:38:36 | 000,218,104 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfx11cmrt64.dll
[2016.06.02 13:38:34 | 000,184,832 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfx11cmrt32.dll
[2016.06.02 13:38:32 | 003,606,520 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll
[2016.06.02 13:38:24 | 003,339,264 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll
[2016.06.02 13:38:14 | 004,932,072 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2016.06.02 13:38:06 | 015,993,856 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdfcl64.dll
[2016.06.02 13:37:42 | 010,863,608 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdfcl32.dll
[2016.06.02 13:37:28 | 000,200,696 | ---- | M] () -- C:\Windows\SysNative\igdde64.dll
[2016.06.02 13:37:26 | 000,161,784 | ---- | M] () -- C:\Windows\SysWow64\igdde32.dll
[2016.06.02 13:37:24 | 000,434,176 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll
[2016.06.02 13:37:22 | 000,384,504 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll
[2016.06.02 13:37:20 | 000,182,776 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdail64.dll
[2016.06.02 13:37:18 | 000,163,840 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdail32.dll
[2016.06.02 13:37:02 | 007,506,432 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\ig8icd32.dll
[2016.06.02 13:36:12 | 001,050,088 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\Gfxv4_0.exe
[2016.06.02 13:36:08 | 001,046,504 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\Gfxv2_0.exe
[2016.06.02 13:36:06 | 000,458,216 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\GfxUIEx.exe
[2016.06.02 13:36:02 | 001,139,704 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\GfxResources.dll
[2016.06.02 13:36:02 | 000,348,648 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\DPTopologyAppv2_0.exe
[2016.06.02 13:35:58 | 000,349,160 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\DPTopologyApp.exe
[2016.06.02 13:35:56 | 000,166,376 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2016.06.02 13:32:36 | 009,516,024 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\ig8icd64.dll
[2016.06.02 13:32:36 | 000,102,904 | ---- | M] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2016.06.02 13:12:04 | 000,403,671 | ---- | M] () -- C:\Windows\SysNative\ImageStabilization.wmv
[2016.06.02 13:12:04 | 000,004,052 | ---- | M] () -- C:\Windows\SysNative\iglhxs64.vp
[2016.06.02 13:11:54 | 006,725,162 | ---- | M] () -- C:\Windows\SysNative\igdclbif.bin
[2016.06.02 13:11:46 | 000,000,935 | ---- | M] () -- C:\Windows\SysNative\Gfxv4_0.exe.config
[2016.06.02 13:11:46 | 000,000,895 | ---- | M] () -- C:\Windows\SysNative\Gfxv2_0.exe.config
[2016.06.02 13:11:44 | 000,641,530 | ---- | M] () -- C:\Windows\SysNative\FilmModeDetection.wmv
[2016.06.02 13:11:44 | 000,375,173 | ---- | M] () -- C:\Windows\SysNative\ColorImageEnhancement.wmv
[2016.06.02 13:11:44 | 000,000,935 | ---- | M] () -- C:\Windows\SysNative\DPTopologyApp.exe.config
[2016.06.02 13:11:44 | 000,000,895 | ---- | M] () -- C:\Windows\SysNative\DPTopologyAppv2_0.exe.config
[2016.06.01 13:12:56 | 000,004,270 | ---- | M] () -- C:\SISTodo
[2016.06.01 13:12:56 | 000,000,042 | ---- | M] () -- C:\SISHashTodo
[2016.05.30 13:38:09 | 000,001,859 | ---- | M] () -- C:\Users\JAG\Desktop\IrfanView 64 Thumbnails.lnk
[2016.05.30 13:38:09 | 000,000,985 | ---- | M] () -- C:\Users\JAG\Desktop\IrfanView 64.lnk
[2016.05.29 17:17:11 | 000,002,053 | ---- | M] () -- C:\Users\Public\Desktop\Google Slides.lnk
[2016.05.29 17:17:11 | 000,002,051 | ---- | M] () -- C:\Users\Public\Desktop\Google Sheets.lnk
[2016.05.29 17:17:11 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Google Docs.lnk

========== Files Created - No Company Name ==========

[2016.06.27 19:09:54 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2016.06.17 12:32:34 | 000,003,065 | ---- | C] () -- C:\Users\JAG\Documents\Můj film.wlmp
[2016.06.17 12:04:53 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\Avidemux 2.6 - 64 bits.lnk
[2016.06.17 11:39:45 | 000,001,316 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2016.06.17 11:39:42 | 000,001,385 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2016.06.16 15:27:08 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2016.06.16 11:46:38 | 000,000,512 | ---- | C] () -- C:\Users\JAG\Desktop\MBR.dat
[2016.06.16 11:41:25 | 000,013,376 | ---- | C] () -- C:\Users\JAG\Desktop\hijackthisCT
[2016.06.14 16:44:54 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2016.06.14 16:44:54 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2016.06.14 16:44:54 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2016.06.14 16:44:54 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2016.06.14 16:44:54 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2016.06.14 14:11:22 | 000,016,107 | ---- | C] () -- C:\Users\JAG\Desktop\hijackthis UT1
[2016.06.14 11:17:08 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2016.06.14 11:03:25 | 001,309,184 | ---- | C] () -- C:\Users\JAG\Desktop\zoek.exe
[2016.06.14 10:10:26 | 024,206,920 | ---- | C] () -- C:\Users\JAG\Desktop\RogueKillerX64.exe
[2016.06.13 11:08:46 | 000,028,272 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2016.06.07 15:45:02 | 003,677,248 | ---- | C] () -- C:\Users\JAG\Desktop\AdwCleaner.exe
[2016.06.06 16:42:32 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016.06.02 13:47:02 | 018,046,528 | ---- | C] () -- C:\Windows\SysNative\igd11dxva64.dll
[2016.06.02 13:46:38 | 017,566,536 | ---- | C] () -- C:\Windows\SysWow64\igd11dxva32.dll
[2016.06.02 13:39:16 | 000,392,168 | ---- | C] () -- C:\Windows\SysNative\igfxTray.exe
[2016.06.02 13:39:12 | 000,013,824 | ---- | C] ( ) -- C:\Windows\SysNative\igfxLHMLibv2_0.dll
[2016.06.02 13:39:12 | 000,013,824 | ---- | C] ( ) -- C:\Windows\SysNative\igfxLHMLib.dll
[2016.06.02 13:39:00 | 000,018,944 | ---- | C] ( ) -- C:\Windows\SysNative\igfxEMLibv2_0.dll
[2016.06.02 13:39:00 | 000,018,936 | ---- | C] ( ) -- C:\Windows\SysNative\igfxEMLib.dll
[2016.06.02 13:38:56 | 000,019,448 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDILibv2_0.dll
[2016.06.02 13:38:54 | 000,082,432 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDHLibv2_0.dll
[2016.06.02 13:38:54 | 000,019,968 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDILib.dll
[2016.06.02 13:38:52 | 000,069,624 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDHLib.dll
[2016.06.02 13:38:48 | 000,095,232 | ---- | C] () -- C:\Windows\SysNative\igfxCUIServicePS.dll
[2016.06.02 13:38:46 | 000,264,704 | ---- | C] () -- C:\Windows\SysNative\igfxCPL.cpl
[2016.06.02 13:37:28 | 000,200,696 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2016.06.02 13:37:26 | 000,161,784 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2016.06.02 13:32:36 | 000,102,904 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2016.06.02 13:12:04 | 000,403,671 | ---- | C] () -- C:\Windows\SysNative\ImageStabilization.wmv
[2016.06.02 13:12:04 | 000,004,052 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2016.06.02 13:11:54 | 006,725,162 | ---- | C] () -- C:\Windows\SysNative\igdclbif.bin
[2016.06.02 13:11:46 | 000,000,935 | ---- | C] () -- C:\Windows\SysNative\Gfxv4_0.exe.config
[2016.06.02 13:11:46 | 000,000,895 | ---- | C] () -- C:\Windows\SysNative\Gfxv2_0.exe.config
[2016.06.02 13:11:44 | 000,641,530 | ---- | C] () -- C:\Windows\SysNative\FilmModeDetection.wmv
[2016.06.02 13:11:44 | 000,375,173 | ---- | C] () -- C:\Windows\SysNative\ColorImageEnhancement.wmv
[2016.06.02 13:11:44 | 000,000,935 | ---- | C] () -- C:\Windows\SysNative\DPTopologyApp.exe.config
[2016.06.02 13:11:44 | 000,000,895 | ---- | C] () -- C:\Windows\SysNative\DPTopologyAppv2_0.exe.config
[2016.06.01 12:10:06 | 000,004,270 | ---- | C] () -- C:\SISTodo
[2016.06.01 12:10:06 | 000,000,042 | ---- | C] () -- C:\SISHashTodo
[2016.05.30 13:38:09 | 000,001,859 | ---- | C] () -- C:\Users\JAG\Desktop\IrfanView 64 Thumbnails.lnk
[2016.05.30 13:38:09 | 000,000,985 | ---- | C] () -- C:\Users\JAG\Desktop\IrfanView 64.lnk
[2016.04.04 17:38:06 | 000,172,371 | ---- | C] () -- C:\Windows\hppins11.dat
[2016.04.04 17:38:06 | 000,005,707 | ---- | C] () -- C:\Windows\hppmdl11.dat
[2016.04.04 16:08:14 | 000,000,056 | ---- | C] () -- C:\Windows\hpntwksetup.ini
[2016.03.17 10:28:52 | 000,007,623 | ---- | C] () -- C:\Users\JAG\AppData\Local\Resmon.ResmonCfg
[2016.02.03 16:06:57 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2016.01.24 13:06:29 | 000,038,067 | ---- | C] () -- C:\Users\JAG\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2016.01.20 17:11:29 | 000,000,156 | ---- | C] () -- C:\Windows\ODBC.INI
[2016.01.15 19:08:29 | 000,000,320 | ---- | C] () -- C:\Windows\hpbvspst.ini
[2016.01.15 18:16:42 | 000,005,707 | ---- | C] () -- C:\Windows\hppmdl11.dat.temp
[2016.01.15 18:11:57 | 000,197,414 | ---- | C] () -- C:\Windows\hppins11.dat.temp
[2015.12.10 22:42:37 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat
[2015.08.29 15:01:00 | 000,014,776 | ---- | C] () -- C:\Windows\SysWow64\drivers\omnismi.sys
[2015.08.29 14:50:57 | 000,000,248 | ---- | C] () -- C:\Windows\hbcikrnl.ini
[2014.11.14 00:07:22 | 001,567,464 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016.04.09 08:58:02 | 014,186,496 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016.04.09 08:54:53 | 012,881,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2016.05.24 15:00:19 | 000,000,000 | ---D | M] -- C:\Users\JAG\AppData\Roaming\ACD Systems
[2016.06.18 14:58:51 | 000,000,000 | ---D | M] -- C:\Users\JAG\AppData\Roaming\avidemux
[2016.05.23 23:10:38 | 000,000,000 | ---D | M] -- C:\Users\JAG\AppData\Roaming\EurekaLog
[2016.05.09 14:54:38 | 000,000,000 | ---D | M] -- C:\Users\JAG\AppData\Roaming\GHISLER
[2016.05.30 13:38:09 | 000,000,000 | ---D | M] -- C:\Users\JAG\AppData\Roaming\IrfanView
[2016.05.09 14:54:13 | 000,000,000 | ---D | M] -- C:\Users\JAG\AppData\Roaming\Lenovo
[2016.02.09 11:19:58 | 000,000,000 | ---D | M] -- C:\Users\JAG\AppData\Roaming\LSC
[2016.03.18 14:20:15 | 000,000,000 | ---D | M] -- C:\Users\JAG\AppData\Roaming\Milestone
[2015.12.10 22:57:55 | 000,000,000 | ---D | M] -- C:\Users\JAG\AppData\Roaming\PwrMgr
[2016.01.03 22:19:20 | 000,000,000 | ---D | M] -- C:\Users\JAG\AppData\Roaming\Sierra Wireless
[2016.05.03 13:34:13 | 000,000,000 | ---D | M] -- C:\Users\JAG\AppData\Roaming\TeamViewer
[2016.03.17 20:19:15 | 000,000,000 | ---D | M] -- C:\Users\JAG\AppData\Roaming\Thunderbird
[2016.01.15 18:51:50 | 000,000,000 | ---D | M] -- C:\Users\JAG\AppData\Roaming\Visan
[2016.03.21 20:15:14 | 000,000,000 | ---D | M] -- C:\Users\JAG\AppData\Roaming\Zoner

========== Purity Check ==========



< End of report >

[ADA64]

Extras

OTL Extras logfile created on: 27.6.2016 19:16:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JAG\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18349)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

11,70 Gb Total Physical Memory | 8,62 Gb Available Physical Memory | 73,69% Memory free
23,40 Gb Paging File | 20,61 Gb Available in Paging File | 88,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 460,02 Gb Total Space | 133,79 Gb Free Space | 29,08% Space Free | Partition Type: NTFS
Drive Q: | 15,45 Gb Total Space | 4,81 Gb Free Space | 31,11% Space Free | Partition Type: NTFS

Computer Name: JAG-PC | User Name: JAG | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view64.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view64.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{099DA5F2-91BA-4260-8456-4EFDC112DA61}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1495CE9D-D32A-4397-A784-8A6D3AA680D8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1E01684D-422D-465D-AB87-54A739C6ABCE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2712B547-77EA-4971-ACC9-8828413BEA35}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2EEC04B7-8BE5-4435-851F-CF36FC1D17F2}" = rport=139 | protocol=6 | dir=out | app=system |
"{38AA9802-2D68-47A9-94C8-17DAC695A6A8}" = lport=138 | protocol=17 | dir=in | app=system |
"{41D6B3FF-DC85-431B-9F8C-AD63FDEB381F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{45928421-BF83-4AF2-89A5-C879285739BC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4CC71602-1E68-438A-B0F8-29745439CAAF}" = lport=139 | protocol=6 | dir=in | app=system |
"{59F15F1B-6A29-4E34-A44B-AB063082731D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6A7EC6B9-8FFE-4535-AF84-9F82190044CE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{74FA9E7A-70CE-472F-B653-9284888AF3C9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{88E8378B-6B39-42E7-865C-D90B3A3819DA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8BCEE381-915D-4E77-9967-85969AB8985E}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{9920D572-1936-4891-9112-81F2E4C13876}" = rport=137 | protocol=17 | dir=out | app=system |
"{ABE5CDAA-6080-4181-B347-331A28B173FE}" = rport=138 | protocol=17 | dir=out | app=system |
"{B1DA2B1E-F9C5-4937-9242-4A78C64697D7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BFE2E653-0D70-4E0E-AF4A-FF4C95810D3C}" = lport=445 | protocol=6 | dir=in | app=system |
"{C04D132B-F893-40F5-8010-EF269EC4BF13}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C267F39A-41CF-4E1F-B79B-6B84C8937F88}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C915B69A-C085-4552-894C-5CE1839F85B3}" = rport=445 | protocol=6 | dir=out | app=system |
"{DD99281E-4A8C-417C-B428-2773DC11ED07}" = lport=137 | protocol=17 | dir=in | app=system |
"{E0F7C356-99B4-4109-B3E9-AFE6D4B4C8C1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F6DB9297-996C-468D-8F80-617CBB5B6D03}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FB17D605-AB2D-4EDC-845D-80CAFDF9AD07}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{FBE8F79D-066C-491B-A03D-15CA64BAFDC2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FF4EF0F1-5920-4880-9C6E-58B72ACDD9B5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A41F8CA-C08C-412C-8387-D750ABC3467E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1D030887-6300-4E8F-B5C5-3B4163A83241}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{295F67EA-4AD6-4D79-ABCB-49DCB0A15AB7}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\shareit\shareit.exe |
"{3ED565A6-7029-40C4-8664-584965A0B4CE}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\shareit\shareit.exe |
"{429C222B-672A-41F4-91D2-C48F1756E074}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4947519F-C00F-4903-ABB6-CD84DCE88715}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{4CED7E90-3CB3-4D4D-B2E6-CD1A5200CFA8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{508C7FE6-2C27-42A5-928B-CC81930BF614}" = dir=out | app=c:\program files (x86)\lenovo\quickcontrol\quickcontrolservice.exe |
"{5251F1EA-02CC-41C3-BCB1-3E944A57608C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{73870608-31D2-41DD-B1E4-C46D5E590893}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7AEB37AA-0359-4BAE-B815-CA25BEAC9D92}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{845BD4AA-2AD4-4304-9E4E-36A1C8A94A55}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{87E70370-449D-454A-9D41-D52C48C4B42C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{886BE91E-3CD1-4BF5-9AC7-18B30F791964}" = protocol=6 | dir=in | app=c:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe |
"{8D585117-E8BD-4B71-B0C8-C9B6F25283B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{913A9007-C03C-48AF-B948-5DC67548A2B8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A4C3DF46-E449-4059-8240-28C27943F387}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{AB12395E-A443-4250-AA8F-D846AF2158E3}" = protocol=17 | dir=in | app=c:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe |
"{B6D96D3E-1E1A-42C4-A6E3-F16171E0786C}" = protocol=6 | dir=out | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{BF247E3D-CA22-4E54-BE0C-62425374A4D0}" = protocol=6 | dir=out | app=system |
"{C4BCA62A-7CCC-4C71-B5FC-1FC8328A9C9F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CA6C5BCF-C5F0-4989-864D-C65EA8F95C71}" = dir=in | app=c:\program files (x86)\lenovo\quickcontrol\quickcontrolservice.exe |
"{CC6FD59C-654F-495B-95E3-C5B05C0A89DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D4953AEE-93AC-4B78-BAD9-5C6CDC3DB46F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D4B0BA26-8977-4A7C-9555-52CC92500622}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D7D5FEEC-9B02-4CB5-A123-FB79B4D52F8E}" = protocol=17 | dir=out | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{D83CC866-C331-424A-9217-BEB026D9C651}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{D9C214BF-6FC9-4D31-93BC-6CF5D9A7C98C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E37EC826-4728-48DA-94C6-4B9773AA6710}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{F23F1710-149E-4C51-8F41-8D6CCA2540E6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F37BA5A9-955E-49EC-9DE9-61E8002AC790}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F5375E89-FD51-4FC8-BE95-A2D4FFA271F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FEF48387-6DE0-4B41-93D1-D844DB0B20BB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{37DB09E7-61B1-4E06-B3C9-CB671C498D4D}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe" = protocol=6 | dir=in | app=c:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe |
"UDP Query User{26AF3EDA-97B7-46ED-A75B-E983D0BFF15E}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe" = protocol=17 | dir=in | app=c:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B444AF9-1DBE-4884-8F35-969BEFCF69A8}" = Intel® Trusted Connect Service Client
"{1C3CE37F-B15A-4438-9E7A-C15B18E27625}" = Synaptics WBF DDK 5011
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2DAA8349-5698-4F3F-B634-F31AE3159CC6}" = Milestone XProtect Smart Client 2014 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{302600C1-6BDF-4FD1-1411-148929CC1385}" = Intel(R) Wireless Bluetooth(R)(patch version 17.1.1450.402)
"{3061DCA5-2D0B-48F9-800F-9D7C1FEB5E78}" = Microsoft Security Client
"{30689060-43BD-46E9-8A54-E6CDB18AAB88}" = 64 Bit HP CIO Components Installer
"{314FAD12-F785-4471-BCE8-AB506642B9A1}" = Lenovo Fingerprint Manager Pro
"{362FC667-C52E-4985-AEFB-8533A2F3C49C}" = Intel® PROSet/Wireless WiFi Software
"{3C38CA01-7933-31E7-A1F6-EAA1DF9BEDF3}" = Microsoft .NET Framework 4.6.1 (CSY)
"{3F5D407B-86F5-4CA5-8F83-7C00BBB69080}" = Intel(R) WiDi
"{4332723E-06E5-47F8-B106-8A2971B01368}" = Intel(R) ME UninstallLegacy
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = Lenovo Active Protection System
"{4D70781C-36A9-4335-9568-565C6F61B5EB}" = Synaptics WBF DDK 5011
"{58F4C39B-D946-4A45-A314-DEFC2AFDF397}" = DisplayLink Core Software
"{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1" = Lenovo Peer Connect SDK
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{8736f7db-10ee-4722-b588-3a7296eafc38}" = Intel(R) PRO/Wireless Driver
"{878F6913-7421-4713-97F7-0A736EE2A188}" = Inst5676
"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = Lenovo Communications Utility
"{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}" = HP Color LaserJet CM1312 MFP Series 5.1
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.6.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6.1
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{BD667C75-0EDD-4073-A406-A6DD9C3016EB}" = Intel(R) Chipset Device Software
"{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}" = Microsoft .NET Framework 4.6.1
"{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}" = Lenovo Solution Center
"{C2306F93-60AC-4401-B600-453376E771EC}" = Intel(R) Management Engine Components
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D9C6E690-0121-4D3A-AB3C-4F0F8D4F1190}" = Milestone XProtect Smart Client 2014 (64-bit)
"{E0729EA8-444C-4AAF-AB69-3CE907F60A38}" = Intel(R) Management Engine Components
"{E6B1FE9A-CB1E-4096-A0AF-163419CB971C}" = Lenovo USB Graphics
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EE4D9822-C7F3-4386-8703-889CDDA22FAA}" = Message Center Plus
"{FE51B16C-A025-418A-A5D6-07D93B643AFB}" = Intel(R) Management Engine Components
"55320B67E6FF26D5CF6A352973677B5A68BD028B" = Windows Driver Package - Intel Corporation (iaStorA) HDC (11/06/2014 13.6.0.1002)
"9831220A78BC6CDB16870D8F80FF2AB41814019A" = Windows Driver Package - Intel (e1dexpress) Net (07/15/2014 12.12.50.7202)
"CCleaner" = CCleaner
"FA3F6F3D6E8958FDDEE1E09CC77DFA71B0D7835A" = Windows Driver Package - Lenovo 1.67.09.03 (11/07/2014 1.67.09.03)
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"IrfanView64" = IrfanView 64 (remove only)
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"MouseSuite98" = Lenovo Mouse Suite
"OnScreenDisplay" = Lenovo On Screen Display
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{04128C8C-7812-4DCC-816E-9C8AB1D6EECE}" = Lenovo QuickControl
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{0626C86E-5A8F-4A6D-8C0A-5FF38BD2DA3A}" = hppFaxUtilityCM1312
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{07B85EEC-05BD-4E6A-AAEB-502FB2473DFA}" = hppCLJCM1312
"{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
"{15B15395-FF53-44E1-ADAD-FCC279E3CA10}" = Lenovo PowerENGAGE
"{15BFD731-A10E-43E9-9D18-0F682BC0480F}" = Photo Common
"{193CA6A6-E735-40B1-AA92-F611B291792C}" = Verizon Wireless Mobile Broadband Self Activation
"{19687AD5-7E54-4C5E-A796-125C95079C1D}" = Adobe AIR
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{25C64847-B900-48AD-A164-1B4F9B774650}" = Lenovo System Update
"{26A24AE4-039D-4CA4-87B4-2F83218091F0}" = Java 8 Update 91
"{2D30D92F-AD5C-428F-8029-5A913104F262}" = hppTLBXFXCM1312
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3D2CF65C-B544-4308-B996-700D3E5F6C4C}" = Movie Maker
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{454D32AD-C149-49BE-9F2E-8C089C3D6620}" = Lenovo USB3.0 to DVI VGA Monitor Adapter
"{484A13AB-A4C1-41FD-87E0-EBE2DA01250E}" = hppSendFaxCM1312
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{583EDB12-4CEA-48B5-A7BA-88069DD47BA2}" = hppQFolderCM1312
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{709316AD-161C-4D5C-9AE7-0B3A822DA271}" = Google Drive
"{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}" = ThinkVantage Password Manager
"{7985C7FA-B151-4BA7-B19E-1577A7B527F1}" = hppFaxDrvCM1312
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E537894-A559-4D60-B3CB-F4485E3D24E3}" = ThinkVantage Access Connections
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{995F2783-8311-49BF-833E-DB659774B4F6}" = hppFonts
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}" = Windows Live Essentials
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A7285D92-27EE-4D91-AB57-5EF326B572C6}" = hpzTLBXFX
"{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}" = Lenovo Mobile Broadband Activation
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-0804-1033-1959-001824184103}" = Adobe Refresh Manager
"{AC76BA86-7AD7-FFFF-7B44-AB0000000001}" = Adobe Reader XI (11.0.16) MUI
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B59ACF5E-0FF7-44D2-B57D-E516F334AC2E}" = hppScanToCM1312
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B991A1BC-DE0F-41B3-9037-B2F948F706EC}" = Intel(R) Update Manager
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}" = Rescue and Recovery
"{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}" = Metric Collection SDK 35
"{C6190DA9-5329-4BFD-A81E-5569A324CB35}" = ModemAuthenticator
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
"{d5572863-793c-4ec8-872a-43cccc68b948}" = Aplikace Intel® PROSet/Wireless
"{D8102684-7BA1-4948-88B9-535F84E6E588}" = Thinkpad USB Ethernet Adapter Driver
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = Power Manager
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{DDAA788F-52E6-44EA-ADB8-92837B11BF26}" = Metric Collection SDK
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = Integrated Camera
"{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}" = Windows Live UX Platform Language Pack
"{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}" = Integrated Camera
"{EBC3147B-36BE-4846-9A3D-0C6292B78350}" = hppPQVideoCM1312
"{ED498DD7-FBC1-4C67-8D9B-C9218FBC818D}" = hppManualsCM1312
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.303
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F24F876B-7D71-4BD6-88E9-614D3BB84240}" = Alcor Micro Smart Card Reader Driver
"{F37D360D-9308-4BB1-8515-DC6B637B9486}" = Fotogalerie
"{f5d71765-7cd1-4e68-998f-5b379e725da3}" = Intel(R) Chipset Device Software
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.24
"{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
"Adobe AIR" = Adobe AIR
"Avidemux 2.6 - 64 bits (64-bit)" = Avidemux 2.6 - 64 bits
"ESET Online Scanner" = ESET Online Scanner v3
"Falcon 4.0" = Falcon 4.0
"Google Chrome" = Google Chrome
"InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}" = Lenovo Fingerprint Manager Pro
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.1.1043
"Mozilla Thunderbird 45.1.1 (x86 cs)" = Mozilla Thunderbird 45.1.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office 2010 pro podnikatele
"Picasa 3" = Picasa 3
"SHAREit_is1" = SHAREit
"SWIIntelDrvInstaller" = Sierra Wireless EM7345 4G LTE Software
"SZCCID" = Alcor Micro Smart Card Reader Driver
"Vision32_is1" = Vision32
"VLC media player" = VLC media player
"WinLiveSuite" = Windows Live Essentials

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4.4.2016 12:05:27 | Computer Name = JAG-PC | Source = WinMgmt | ID = 10
Description =

Error - 8.4.2016 7:25:43 | Computer Name = JAG-PC | Source = WinMgmt | ID = 10
Description =

Error - 10.4.2016 11:48:21 | Computer Name = JAG-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_WbioSrvc, verze: 6.1.7600.16385,
časové razítko: 0x4a5bc3c1 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23338,
časové razítko: 0x56a1cb26 Kód výjimky: 0x80004004 Posun chyby: 0x000000000001a06d
ID
chybujícího procesu: 0xadc Čas spuštění chybující aplikace: 0x01d191990032b645 Cesta
k chybující aplikaci: C:\Windows\system32\svchost.exe Cesta k chybujícímu modulu:
C:\Windows\system32\KERNELBASE.dll ID zprávy: a62199cc-ff33-11e5-9d54-00aa004d0001

Error - 10.4.2016 11:51:10 | Computer Name = JAG-PC | Source = WinMgmt | ID = 10
Description =

Error - 10.4.2016 12:00:35 | Computer Name = JAG-PC | Source = WinMgmt | ID = 10
Description =

Error - 10.4.2016 12:14:26 | Computer Name = JAG-PC | Source = WinMgmt | ID = 10
Description =

Error - 10.4.2016 13:57:10 | Computer Name = JAG-PC | Source = WinMgmt | ID = 10
Description =

Error - 11.4.2016 12:25:22 | Computer Name = JAG-PC | Source = WinMgmt | ID = 10
Description =

Error - 13.4.2016 7:52:54 | Computer Name = JAG-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: googledrivesync.exe, verze: 1.28.1549.1322,
časové razítko: 0x509418e4 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.23349,
časové razítko: 0x56bb81a8 Kód výjimky: 0xc0000005 Posun chyby: 0x0002e064 ID chybujícího
procesu: 0x1710 Čas spuštění chybující aplikace: 0x01d1940f37da3c5b Cesta k chybující
aplikaci: C:\Program Files (x86)\Google\Drive\googledrivesync.exe Cesta k chybujícímu
modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: 416ce012-016e-11e6-be06-00aa004d0001

Error - 18.4.2016 11:20:34 | Computer Name = JAG-PC | Source = WinMgmt | ID = 10
Description =

[ Lenovo-Message Center Plus/Admin Events ]
Error - 31.5.2016 3:05:19 | Computer Name = JAG-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 31.5.2016 3:05:19 | Computer Name = JAG-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 1.6.2016 2:30:43 | Computer Name = JAG-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 1.6.2016 2:30:43 | Computer Name = JAG-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 1.6.2016 2:30:43 | Computer Name = JAG-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 3.6.2016 3:42:21 | Computer Name = JAG-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 3.6.2016 3:42:21 | Computer Name = JAG-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 3.6.2016 3:42:21 | Computer Name = JAG-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 22.6.2016 13:58:27 | Computer Name = JAG-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 22.6.2016 13:58:42 | Computer Name = JAG-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

[ ModemAuthenticatorLog Events ]
Error - 30.5.2016 6:31:43 | Computer Name = JAG-PC | Source = ModemAuthenticator | ID = 32
Description = Actual MBIM_STATUS_CODE = 9

Error - 6.6.2016 7:08:19 | Computer Name = JAG-PC | Source = ModemAuthenticator | ID = 32
Description = Actual MBIM_STATUS_CODE = 9

Error - 16.6.2016 5:56:16 | Computer Name = JAG-PC | Source = ModemAuthenticator | ID = 33
Description = Actual MBIM_STATUS_CODE = 9

[ System Events ]
Error - 16.6.2016 5:27:40 | Computer Name = JAG-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 16.6.2016 5:28:40 | Computer Name = JAG-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 16.6.2016 5:29:48 | Computer Name = JAG-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 16.6.2016 5:29:48 | Computer Name = JAG-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 16.6.2016 5:29:48 | Computer Name = JAG-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 16.6.2016 5:30:10 | Computer Name = JAG-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 16.6.2016 5:30:12 | Computer Name = JAG-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 16.6.2016 5:30:56 | Computer Name = JAG-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Lenovo Platform Service bylo dosaženo
časového limitu (30000 ms).

Error - 16.6.2016 5:31:26 | Computer Name = JAG-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Intel(R) HD Graphics Control Panel
Service bylo dosaženo časového limitu (30000 ms).

Error - 16.6.2016 5:31:26 | Computer Name = JAG-PC | Source = Service Control Manager | ID = 7000
Description = Služba Intel(R) HD Graphics Control Panel Service neuspěla při spuštění
v důsledku následující chyby: %%1053


< End of report >

Stav: V Chromu nic nevyskakuje a to nabíhání Windowsů je už o něco rychlejší.

[ADA64]

Ty Windowsy beru zpět je to stále stejně pomalé