Kone lagaa. Voisiko joku vilkaista. Kiitos. Boot mode: Normal Running processes: C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\Viljo\Desktop\HijackThis.exe C:\WINDOWS\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.yahoo.com?fr=fp-comodo&type=33050001005_10.1.0.6474_i_hp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" O4 - HKLM\..\Run: [IseUI] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe O4 - HKCU\..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{09821170-C332-4158-BA80-35BD4727B194}: NameServer = 156.154.70.22,156.154.71.22 O17 - HKLM\System\CCS\Services\Tcpip\..\{0C9286C3-1740-4E56-ADA7-E9E904DE8B3D}: NameServer = 156.154.70.22,156.154.71.22 O17 - HKLM\System\CS1\Services\Tcpip\..\{09821170-C332-4158-BA80-35BD4727B194}: NameServer = 156.154.70.22,156.154.71.22 O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll O23 - Service: McAfee Application Installer Cleanup (0141711515313214) (0141711515313214mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\014171~1.EXE (file missing) O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing) O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\GeofenceMonitorService.dll,-1 (lfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: LsvUIService - Lenovo - C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe O23 - Service: McAfee OOBE Service2 (McOobeSv2) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing) O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-801 (vmicguestinterface) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-101 (vmicheartbeat) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-201 (vmickvpexchange) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-601 (vmicrdv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-301 (vmicshutdown) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-401 (vmictimesync) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-501 (vmicvss) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe -- End of file - 25739 bytes
Lataa FarBar Recovery Scan Tool. 32-Bit / 64-Bit Versio Tästä. Tallenna ohjelma työpöydällesi ja käynnistä se. Aloita tarkistus painamalla " Scan " -painiketta. Kun ohjelman tarkistus on valmis, se tekee lokitiedoston (FRST.txt) & (Additional.txt) samaan hakemistoon johon se on asennettu. Lähetä lokitiedosto(t) seuraavassa viestissäsi.
==================== Accounts: ============================= HomeGroupUser$ (S-1-5-21-1861800984-1872377166-2483180764-1003 - Limited - Enabled) Järjestelmänvalvoja (S-1-5-21-1861800984-1872377166-2483180764-500 - Administrator - Disabled) => C:\Users\Administrator Vieras (S-1-5-21-1861800984-1872377166-2483180764-501 - Limited - Disabled) Viljo (S-1-5-21-1861800984-1872377166-2483180764-1001 - Administrator - Enabled) => C:\Users\Viljo ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: McAfee Anti-Virus ja Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75} AS: COMODO Advanced Protection (Disabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40} AS: McAfee Anti-Virus ja Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} FW: COMODO Firewall (Disabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) COMODO Firewall (HKLM\...\{75C26670-9009-4018-8178-A4E731B83EB9}) (Version: 10.1.0.6474 - COMODO Security Solutions Inc.) Hidden COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 10.1.0.6474 - COMODO Security Solutions Inc.) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant) CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Hidden Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.3.436779.133 - Comodo) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.) Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo) Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.2 - Lenovo) Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo) McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.907 - McAfee, Inc.) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo) Opera Stable 50.0.2762.45 (HKLM-x32\...\Opera 50.0.2762.45) (Version: 50.0.2762.45 - Opera Software) Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.802.010814 - REALTEK Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0238 - REALTEK Semiconductor Corp.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.) Start Menu (HKU\S-1-5-21-1861800984-1872377166-2483180764-1001\...\Pokki) (Version: 0.269.2.405 - Pokki) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated) User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-07] (AVAST Software) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-07] (AVAST Software) ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-01-06] (Realtek Semiconductor Corporation) ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-01-03] (COMODO) ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2013-09-25] (McAfee, Inc.) ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-01-03] (COMODO) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-07] (AVAST Software) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2013-12-18] (Intel Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-07] (AVAST Software) ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-01-03] (COMODO) ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2013-09-25] (McAfee, Inc.) ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {08DA314C-A287-4E60-9574-E9F6CA0ECBAE} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-06-13] (Lenovo) Task: {10BC190B-D9D2-4D2D-B302-4A2D9FFAE57D} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.) Task: {1F988C89-521C-4B07-81DF-B7CF0CEED151} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2018-01-03] (COMODO) Task: {205518D9-368E-423E-ACF5-7C73A3DDD177} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-03] (COMODO) Task: {2BE21539-F921-4F9B-8278-E2A8DB8A8009} - System32\Tasks\Opera scheduled Autoupdate 1515313283 => C:\Program Files\Opera\launcher.exe [2018-01-03] (Opera Software) Task: {3F1C6519-ABF6-458A-A51E-8227E956C36C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.) Task: {3FAABC14-B123-4319-AE37-74AD6297B137} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-04] () Task: {435720A1-D745-48FD-9943-E628810BB385} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-03] (COMODO) Task: {4A598DDA-2EDF-4295-B661-3A2865EFDA9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-07] (Google Inc.) Task: {5BAEE3A0-8E45-4B85-99D4-B40D97CBDC49} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-07] (Google Inc.) Task: {8071C872-C197-48E9-B51F-6EFC9F0F8FC4} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-03] (COMODO) Task: {A42B043C-7E1E-4C43-B49A-81F7FA8D4A32} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-24] (Synaptics Incorporated) Task: {AAC268A1-0353-46A4-919E-9CFCED44A926} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-01-03] (COMODO) Task: {ACFFAD50-2384-4065-B320-ECB72A1542FB} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-03] (COMODO) Task: {B80B5807-8216-4B87-BFF6-6D5EF46453C9} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo) Task: {C1954A41-426C-4CFD-B34E-A5A7BCA6B057} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-01-07] (AVAST Software) Task: {D703B5AA-B10C-4DDD-8F68-809E15D93D26} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.) Task: {DFFE520C-B616-485F-875C-E8DC761F9BBC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-07] (AVAST Software) Task: {FF8E9897-97DC-45E2-B9FE-32CDA2508333} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2014-06-13 09:43 - 2014-01-06 23:56 - 000079872 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe 2018-01-03 21:21 - 2018-01-03 21:21 - 000156864 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll 2018-01-03 21:20 - 2018-01-03 21:20 - 000106688 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll 2018-01-03 21:21 - 2018-01-03 21:21 - 000245440 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll 2014-06-13 10:32 - 2012-04-25 04:43 - 000390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2014-06-13 10:34 - 2014-06-13 10:34 - 000068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe 2014-06-13 10:34 - 2014-06-13 10:34 - 000669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll 2014-06-13 09:49 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2018-01-07 10:21 - 2018-01-03 08:47 - 096347432 _____ () C:\Program Files\Opera\50.0.2762.45\opera_browser.dll 2018-01-07 10:21 - 2018-01-03 08:47 - 004215592 _____ () C:\Program Files\Opera\50.0.2762.45\libglesv2.dll 2018-01-07 10:21 - 2018-01-03 08:47 - 000108328 _____ () C:\Program Files\Opera\50.0.2762.45\libegl.dll 2014-06-13 10:34 - 2014-06-13 10:34 - 000101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll 2014-06-13 09:41 - 2013-09-16 21:20 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2018-01-07 11:50 - 2018-01-07 11:50 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2018-01-07 11:50 - 2018-01-07 11:50 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll 2018-01-07 11:50 - 2018-01-07 11:50 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll 2018-01-07 11:50 - 2018-01-07 11:50 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2018-01-07 11:50 - 2018-01-07 11:50 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2018-01-07 11:49 - 2018-01-07 11:49 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2018-01-07 12:03 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2018-01-07 12:03 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2018-01-07 12:03 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2018-01-07 12:03 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1861800984-1872377166-2483180764-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg HKU\S-1-5-21-1861800984-1872377166-2483180764-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 156.154.70.22 - 156.154.71.22 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{35F2C84A-3726-4858-BB12-58DFA7AFDCD1}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{05D7CFC7-E18A-4277-9511-FB85A1A11CFC}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{E63EFDF2-8E60-417C-9DE6-04AD91DDF733}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{E5ECAC83-5153-4F62-A519-12E42E93397D}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{B42CACFE-5E46-4DF3-BD6B-6696AC6BE292}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE FirewallRules: [{9DA5A07B-64A6-49D5-9B10-EEBF98B165A5}] => (Allow) C:\Program Files\Opera\50.0.2762.45\opera.exe FirewallRules: [{E711F7C2-26C0-4057-8C5D-E2ACCFEB3C5B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Restore Points ========================= 07-01-2018 10:09:46 Installing COMODO Firewall ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/07/2018 11:53:49 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Aktivointikontekstin luonti epäonnistui (C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll). Riippuvaista kokoonpanoa Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" ei löytynyt. Yksityiskohtaisen vianmäärityksen voi tehdä ohjelmalla sxstrace.exe. Error: (01/07/2018 10:10:59 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-hallinta) Description: Tapahtumapalvelu CisWmi yritti rekisteröidä kyselyn SELECT * FROM CisFileRatingChange, jonka kohdeluokkaa CisFileRatingChange ei ole nimitilassa //./root/cis. Kysely ohitetaan. Error: (01/07/2018 10:10:59 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-hallinta) Description: Tapahtumapalvelu CisWmi yritti rekisteröidä kyselyn SELECT * FROM CisStatusChange, jonka kohdeluokkaa CisStatusChange ei ole nimitilassa //./root/cis. Kysely ohitetaan. Error: (01/07/2018 10:10:59 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-hallinta) Description: Tapahtumapalvelu CisWmi yritti rekisteröidä kyselyn SELECT * FROM CisNotification, jonka kohdeluokkaa CisNotification ei ole nimitilassa //./root/cis. Kysely ohitetaan. Error: (01/07/2018 10:10:59 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-hallinta) Description: Tapahtumapalvelu CisWmi yritti rekisteröidä kyselyn SELECT * FROM FwAlert, jonka kohdeluokkaa FwAlert ei ole nimitilassa //./root/cis. Kysely ohitetaan. Error: (01/07/2018 10:10:59 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-hallinta) Description: Tapahtumapalvelu CisWmi yritti rekisteröidä kyselyn SELECT * FROM DfAlert, jonka kohdeluokkaa DfAlert ei ole nimitilassa //./root/cis. Kysely ohitetaan. Error: (01/07/2018 10:10:59 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-hallinta) Description: Tapahtumapalvelu CisWmi yritti rekisteröidä kyselyn SELECT * FROM AvAlert, jonka kohdeluokkaa AvAlert ei ole nimitilassa //./root/cis. Kysely ohitetaan. Error: (01/07/2018 10:10:59 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-hallinta) Description: Tapahtumapalvelu CisWmi yritti rekisteröidä kyselyn SELECT * FROM CisAlert, jonka kohdeluokkaa CisAlert ei ole nimitilassa //./root/cis. Kysely ohitetaan. Error: (01/07/2018 10:10:59 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-hallinta) Description: Tapahtumapalvelu CisWmi yritti rekisteröidä kyselyn SELECT * FROM CisEvent, jonka kohdeluokkaa CisEvent ei ole nimitilassa //./root/cis. Kysely ohitetaan. Error: (01/07/2018 10:10:59 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-hallinta) Description: Tapahtumapalvelu yritti rekisteröidä kyselyn SELECT * FROM CisFileRatingChange, jonka kohdeluokkaa CisFileRatingChange ei ole nimitilassa //./root/cis. Kysely ohitetaan. System errors: ============= Error: (01/07/2018 01:10:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Palvelu Etäkäytön yhteyksienhallinta lopetettiin virheen takia. Virhe: Määritettyä laitetta ei löydy. Error: (01/07/2018 01:10:06 PM) (Source: RasMan) (EventID: 20063) (User: ) Description: Remote Access Connection Manager failed to start because the Protocol engine [C:\WINDOWS\system32\vpnike.dll] failed to initialize. Määritettyä laitetta ei löydy. Error: (01/07/2018 10:05:18 AM) (Source: Schannel) (EventID: 4120) (User: NT-hallinta) Description: Vakava ilmoitus luotiin ja lähetettiin etäpäätepisteeseen. Tämä voi johtaa yhteyden katkaisemiseen. TLS-protokollan määrittämä vakavan virheen koodi on 40. Windows SChannel -virhetila on 252. Error: (01/07/2018 10:05:18 AM) (Source: Schannel) (EventID: 4120) (User: NT-hallinta) Description: Vakava ilmoitus luotiin ja lähetettiin etäpäätepisteeseen. Tämä voi johtaa yhteyden katkaisemiseen. TLS-protokollan määrittämä vakavan virheen koodi on 40. Windows SChannel -virhetila on 252. Error: (01/07/2018 09:56:22 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Palvelu Windows Search lukkiutui käynnistyksessä. Error: (06/13/2014 10:49:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-hallinta) Description: Kohteen application-specific käyttöoikeusasetukset eivät myönnä käyttäjälle NT AUTHORITY\SYSTEM, SID-tunnus (S-1-5-18) osoitteesta LocalHost (Using LRPC), käyttöoikeutta Local Activation COM-palvelimen sovellukseen, jonka CLSID-tunnus on {D63B10C5-BB46-4990-A94F-E40B9D520160} ja APPID-tunnus on {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} ja joka suoritetaan sovellussäilössä Unavailable, SID-tunnus (Unavailable). Tätä suojauskäyttöoikeutta voi muokata komponenttipalveluiden hallintatyökalulla. CodeIntegrity: =================================== Date: 2018-01-07 12:02:09.013 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-01-07 12:02:06.398 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) 3558U @ 1.70GHz Percentage of memory in use: 72% Total physical RAM: 3988.27 MB Available physical RAM: 1109.89 MB Total Virtual: 5823.02 MB Available Virtual: 2053.14 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:423.15 GB) (Free:255.27 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.9 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 167C1F76) Partition: GPT. ==================== End of Addition.txt ============================
result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018 Ran by Viljo (administrator) on LENOVO-PC (07-01-2018 15:23:17) Running from C:\Users\Viljo\AppData\Local\Temp\scoped_dir3912_2243 Loaded Profiles: Viljo & Järjestelmänvalvoja (Available Profiles: Viljo & Järjestelmänvalvoja) Platform: Windows 8.1 (Update) (X64) Language: suomi (Suomi) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (Pokki) C:\Users\Viljo\AppData\Local\Pokki\Engine\StartMenuIndexer.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe (COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe (Opera Software) C:\Program Files\Opera\50.0.2762.45\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.45\opera_crashreporter.exe (Opera Software) C:\Program Files\Opera\50.0.2762.45\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.45\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.45\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.45\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.45\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.45\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.45\opera.exe (Microsoft Corporation) C:\Windows\System32\msinfo32.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-10-17] (Realtek semiconductor) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-06-13] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-06-13] (Lenovo(beijing) Limited) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-07] (AVAST Software) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-25] (McAfee, Inc.) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.) HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4072656 2017-12-26] (COMODO) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-1861800984-1872377166-2483180764-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{09821170-C332-4158-BA80-35BD4727B194}: [NameServer] 156.154.70.22,156.154.71.22 Tcpip\..\Interfaces\{09821170-C332-4158-BA80-35BD4727B194}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{0C9286C3-1740-4E56-ADA7-E9E904DE8B3D}: [NameServer] 156.154.70.22,156.154.71.22 Tcpip\..\Interfaces\{0C9286C3-1740-4E56-ADA7-E9E904DE8B3D}: [DhcpNameServer] 150.206.1.2 Internet Explorer: ================== HKU\S-1-5-21-1861800984-1872377166-2483180764-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fi.yahoo.com?fr=fp-comodo&type=33050001005_10.1.0.6474_i_hp HKU\S-1-5-21-1861800984-1872377166-2483180764-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB HKU\S-1-5-21-1861800984-1872377166-2483180764-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com SearchScopes: HKU\S-1-5-21-1861800984-1872377166-2483180764-1001 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://fi.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo&type=33050001005_10.1.0.6474_i_ds SearchScopes: HKU\S-1-5-21-1861800984-1872377166-2483180764-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://fi.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo&type=33050001005_10.1.0.6474_i_ds BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-01-07] (AVAST Software) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-07] (AVAST Software) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2013-09-25] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2013-09-25] (McAfee, Inc.) FireFox: ======== FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-01-07] [Legacy] [not signed] FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2013-09-25] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2013-09-25] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-07] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-07] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-22] (VideoLAN) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com CHR Profile: C:\Users\Viljo\AppData\Local\Google\Chrome\User Data\Default [2018-01-07] CHR Extension: (Docs) - C:\Users\Viljo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-07] Opera: ======= StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 0141711515313214mcinstcleanup; C:\WINDOWS\TEMP\014171~1.EXE [834664 2013-07-31] (McAfee, Inc.) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-07] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-07] (AVAST Software) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [79872 2014-01-06] () [File not signed] R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10959800 2018-01-03] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2018-01-03] (COMODO) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-12] (McAfee, Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1199824 2017-12-26] (COMODO) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-06-13] (Lenovo) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.) S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-30] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-12] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-12] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-15] (McAfee, Inc.) R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-12] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-12] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-12] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-11-27] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-12-06] (McAfee, Inc.) R2 mfevtp; C:\windows\system32\mfevtps.exe [184800 2013-12-06] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-12] (McAfee, Inc.) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] () R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.) R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-06-13] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [185096 2018-01-07] (AVAST Software) S3 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512 2018-01-07] (AVAST Software) S3 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199448 2018-01-07] (AVAST Software) S3 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343768 2018-01-07] (AVAST Software) S3 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57696 2018-01-07] (AVAST Software) R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [149344 2018-01-07] (AVAST Software) S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-01-07] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146664 2018-01-07] (AVAST Software) S3 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110336 2018-01-07] (AVAST Software) S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84384 2018-01-07] (AVAST Software) S3 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1025176 2018-01-07] (AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [457400 2018-01-07] (AVAST Software) S3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [204456 2018-01-07] (AVAST Software) S3 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [358672 2018-01-07] (AVAST Software) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [70112 2013-12-06] (McAfee, Inc.) R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [35368 2017-12-28] (COMODO) R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [821752 2017-12-28] (COMODO) R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [42080 2017-12-28] (COMODO) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [124688 2017-12-28] (COMODO) R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63200 2017-12-13] (COMODO) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [179792 2013-12-06] (McAfee, Inc.) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [311120 2013-12-06] (McAfee, Inc.) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [69344 2013-12-06] (McAfee, Inc.) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [519576 2013-12-06] (McAfee, Inc.) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [782616 2013-12-06] (McAfee, Inc.) R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [411944 2013-11-27] (McAfee, Inc.) S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [96112 2013-11-27] (McAfee, Inc.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [343696 2013-12-06] (McAfee, Inc.) S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-05] (Realtek Semiconductor Corporation) R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-17] (Realtek Semiconductor Corp.) R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2982104 2013-12-26] (Realtek Semiconductor Corporation ) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [35856 2013-10-31] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [236888 2013-10-31] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink) U3 aswbdisk; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-01-07 19:46 - 2018-01-07 19:46 - 000262144 _____ C:\WINDOWS\system32\config\userdiff 2018-01-07 19:46 - 2018-01-07 19:46 - 000000000 ____D C:\Windows.old 2018-01-07 19:24 - 2018-01-07 19:24 - 000000000 ____D C:\$WINDOWS.~BT 2018-01-07 15:20 - 2018-01-07 15:23 - 000000000 ____D C:\FRST 2018-01-07 15:20 - 2018-01-07 15:20 - 002393088 _____ (Farbar) C:\Users\Viljo\Desktop\FRST64.exe 2018-01-07 15:18 - 2018-01-07 15:18 - 001753600 _____ (Farbar) C:\Users\Viljo\Desktop\FRST.exe 2018-01-07 12:46 - 2018-01-07 12:46 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software 2018-01-07 12:46 - 2018-01-07 12:46 - 000000000 ____D C:\Program Files\Common Files\Avast Software 2018-01-07 12:13 - 2018-01-07 12:13 - 000000000 ____D C:\Users\Viljo\Desktop\backups 2018-01-07 12:05 - 2018-01-07 12:05 - 000001418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2018-01-07 12:05 - 2018-01-07 12:05 - 000001406 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2018-01-07 12:05 - 2018-01-07 12:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2018-01-07 12:05 - 2018-01-07 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2018-01-07 12:04 - 2018-01-07 12:48 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2018-01-07 12:04 - 2017-05-23 09:22 - 000032240 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe 2018-01-07 12:03 - 2018-01-07 12:08 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2018-01-07 12:01 - 2018-01-07 12:02 - 051725936 _____ (Safer-Networking Ltd. ) C:\Users\Viljo\Desktop\spybotsd-2.6.46.exe 2018-01-07 11:58 - 2018-01-07 12:01 - 000002220 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-01-07 11:58 - 2018-01-07 12:01 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-01-07 11:56 - 2018-01-07 12:16 - 000003440 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2018-01-07 11:56 - 2018-01-07 12:16 - 000003312 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2018-01-07 11:56 - 2018-01-07 11:58 - 000000000 ____D C:\Users\Viljo\AppData\Local\Google 2018-01-07 11:56 - 2018-01-07 11:57 - 000000000 ____D C:\Program Files (x86)\Google 2018-01-07 11:54 - 2018-01-07 11:54 - 000000000 ____D C:\Users\Viljo\AppData\Roaming\AVAST Software 2018-01-07 11:54 - 2018-01-07 11:54 - 000000000 ____D C:\Users\Viljo\AppData\Local\CEF 2018-01-07 11:53 - 2018-01-07 11:56 - 000004172 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2018-01-07 11:53 - 2018-01-07 11:53 - 000001949 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2018-01-07 11:53 - 2018-01-07 11:53 - 000000000 ____D C:\ProgramData\SWCUTemp 2018-01-07 11:53 - 2018-01-07 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2018-01-07 11:52 - 2018-01-07 11:51 - 000457400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2018-01-07 11:52 - 2018-01-07 11:51 - 000365680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2018-01-07 11:52 - 2018-01-07 11:51 - 000358672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2018-01-07 11:52 - 2018-01-07 11:51 - 000204456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2018-01-07 11:52 - 2018-01-07 11:51 - 000185096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2018-01-07 11:52 - 2018-01-07 11:51 - 000146664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2018-01-07 11:52 - 2018-01-07 11:51 - 000110336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2018-01-07 11:52 - 2018-01-07 11:51 - 000084384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2018-01-07 11:52 - 2018-01-07 11:51 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2018-01-07 11:52 - 2018-01-07 11:50 - 001142072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2018-01-07 11:52 - 2018-01-07 11:50 - 001001272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2018-01-07 11:52 - 2018-01-07 11:49 - 001025176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2018-01-07 11:52 - 2018-01-07 11:49 - 000343768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys 2018-01-07 11:52 - 2018-01-07 11:49 - 000321512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys 2018-01-07 11:52 - 2018-01-07 11:49 - 000199448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys 2018-01-07 11:52 - 2018-01-07 11:49 - 000149344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys 2018-01-07 11:52 - 2018-01-07 11:49 - 000057696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys 2018-01-07 11:45 - 2018-01-07 11:45 - 000000000 ____D C:\Program Files\AVAST Software 2018-01-07 11:44 - 2018-01-07 11:51 - 000000000 ____D C:\ProgramData\AVAST Software 2018-01-07 11:44 - 2018-01-07 11:44 - 007172032 _____ (AVAST Software) C:\Users\Viljo\Desktop\avast_free_antivirus_setup_online.exe 2018-01-07 11:33 - 2018-01-07 11:33 - 000000000 _____ C:\Users\Viljo\Desktop\Uusi tekstiasiakirja.txt 2018-01-07 11:30 - 2018-01-07 11:31 - 000388608 _____ (Trend Micro Inc.) C:\Users\Viljo\Desktop\HijackThis.exe 2018-01-07 11:12 - 2018-01-07 11:12 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2018-01-07 10:27 - 2018-01-07 14:22 - 000000000 ____D C:\Users\Viljo\AppData\Roaming\vlc 2018-01-07 10:25 - 2018-01-07 10:25 - 000001097 _____ C:\Users\Public\Desktop\VLC media player.lnk 2018-01-07 10:25 - 2018-01-07 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2018-01-07 10:24 - 2018-01-07 10:24 - 000000000 ____D C:\Program Files (x86)\VideoLAN 2018-01-07 10:22 - 2018-01-07 10:22 - 001576280 _____ ( ) C:\Users\Viljo\Downloads\VLC.exe 2018-01-07 10:21 - 2018-01-07 10:21 - 000003848 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1515313283 2018-01-07 10:21 - 2018-01-07 10:21 - 000001120 _____ C:\Users\Public\Desktop\Opera-selain.lnk 2018-01-07 10:21 - 2018-01-07 10:21 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-selain.lnk 2018-01-07 10:21 - 2018-01-07 10:21 - 000000000 ____D C:\Users\Viljo\AppData\Roaming\Opera Software 2018-01-07 10:21 - 2018-01-07 10:21 - 000000000 ____D C:\Users\Viljo\AppData\Local\Opera Software 2018-01-07 10:20 - 2018-01-07 10:22 - 000000000 ____D C:\Program Files\Opera 2018-01-07 10:20 - 2018-01-07 10:20 - 000000000 ____D C:\Program Files\Common Files\AV 2018-01-07 10:19 - 2018-01-07 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2018-01-07 10:11 - 2018-01-07 10:11 - 000001251 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk 2018-01-07 10:11 - 2018-01-07 10:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\COMODO 2018-01-07 10:10 - 2018-01-07 10:10 - 000000000 ____D C:\Program Files\COMODO 2018-01-07 10:09 - 2018-01-07 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO 2018-01-07 10:09 - 2018-01-07 10:09 - 000000000 ____D C:\Program Files (x86)\COMODO 2018-01-07 10:09 - 2017-12-26 12:21 - 000256040 _____ (COMODO) C:\WINDOWS\system32\iseguard64.dll 2018-01-07 10:09 - 2017-12-26 12:21 - 000205536 _____ (COMODO) C:\WINDOWS\SysWOW64\iseguard32.dll 2018-01-07 10:09 - 2017-12-13 04:16 - 000063200 _____ (COMODO) C:\WINDOWS\system32\Drivers\isedrv.sys 2018-01-07 10:06 - 2018-01-07 10:09 - 000000000 ____D C:\ProgramData\Comodo 2018-01-07 10:06 - 2018-01-07 10:06 - 000000000 ____D C:\ProgramData\Shared Space 2018-01-07 10:06 - 2018-01-07 10:06 - 000000000 ____D C:\ProgramData\Comodo Downloader 2018-01-07 10:05 - 2018-01-07 10:05 - 000000000 __SHD C:\Users\Viljo\AppData\Local\EmieUserList 2018-01-07 10:05 - 2018-01-07 10:05 - 000000000 __SHD C:\Users\Viljo\AppData\Local\EmieSiteList 2018-01-07 10:02 - 2018-01-07 12:06 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1861800984-1872377166-2483180764-1001 2018-01-07 09:59 - 2018-01-07 09:59 - 000000000 ____D C:\Users\Viljo\AppData\Roaming\Intel Corporation 2018-01-07 09:57 - 2018-01-07 09:57 - 000012646 _____ C:\Users\Viljo\Desktop\Poistetut sovellukset.html 2018-01-07 09:57 - 2018-01-07 09:57 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD 2018-01-07 09:57 - 2018-01-07 09:57 - 000000000 ____D C:\Users\Viljo\AppData\Roaming\Macromedia 2018-01-07 09:56 - 2018-01-07 11:32 - 000000000 ____D C:\Users\Viljo\AppData\Local\VirtualStore 2018-01-07 09:56 - 2018-01-07 09:56 - 000001453 _____ C:\Users\Viljo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2018-01-07 09:56 - 2018-01-07 09:56 - 000001264 _____ C:\Users\Viljo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BTServer Toasts App.lnk 2018-01-07 09:56 - 2018-01-07 09:56 - 000000000 ____D C:\Users\Viljo\AppData\Roaming\Adobe 2018-01-07 09:55 - 2018-01-07 09:55 - 000000020 ___SH C:\Users\Viljo\ntuser.ini 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Public\Documents\Omat videotiedostot 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Public\Documents\Omat musiikkitiedostot 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Public\Documents\Omat kuvatiedostot 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Default\Verkkoympäristö 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Default\Tulostinympäristö 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Default\Omat tiedostot 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Default\Mallit 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Default\Käynnistä-valikko 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Default\Documents\Omat videotiedostot 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Default\Documents\Omat musiikkitiedostot 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Default\Documents\Omat kuvatiedostot 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Ohjelmat 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Default User\Documents\Omat videotiedostot 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Default User\Documents\Omat musiikkitiedostot 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Default User\Documents\Omat kuvatiedostot 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Ohjelmat 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\ProgramData\Työpöytä 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\ProgramData\Tiedostot 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Ohjelmat 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\ProgramData\Mallit 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\ProgramData\Käynnistä-valikko 2018-01-07 09:52 - 2018-01-07 09:52 - 000000000 _SHDL C:\Program Files\Common Files\Järjestelmä 2018-01-07 09:51 - 2018-01-07 09:51 - 000002547 _____ C:\Users\Administrator\AppData\Local\Application.xml 2018-01-07 09:50 - 2018-01-07 09:50 - 000000000 _SHDL C:\Users\Viljo\Verkkoympäristö 2018-01-07 09:50 - 2018-01-07 09:50 - 000000000 _SHDL C:\Users\Viljo\Tulostinympäristö 2018-01-07 09:50 - 2018-01-07 09:50 - 000000000 _SHDL C:\Users\Viljo\Omat tiedostot 2018-01-07 09:50 - 2018-01-07 09:50 - 000000000 _SHDL C:\Users\Viljo\Mallit 2018-01-07 09:50 - 2018-01-07 09:50 - 000000000 _SHDL C:\Users\Viljo\Käynnistä-valikko 2018-01-07 09:50 - 2018-01-07 09:50 - 000000000 _SHDL C:\Users\Viljo\Documents\Omat videotiedostot 2018-01-07 09:50 - 2018-01-07 09:50 - 000000000 _SHDL C:\Users\Viljo\Documents\Omat musiikkitiedostot 2018-01-07 09:50 - 2018-01-07 09:50 - 000000000 _SHDL C:\Users\Viljo\Documents\Omat kuvatiedostot 2018-01-07 09:50 - 2018-01-07 09:50 - 000000000 _SHDL C:\Users\Viljo\AppData\Roaming\Microsoft\Windows\Start Menu\Ohjelmat 2018-01-07 09:49 - 2018-01-07 09:57 - 000000000 ____D C:\Users\Viljo 2018-01-07 09:49 - 2018-01-07 09:51 - 000024768 _____ C:\WINDOWS\diagwrn.xml 2018-01-07 09:49 - 2018-01-07 09:51 - 000024768 _____ C:\WINDOWS\diagerr.xml 2018-01-07 09:49 - 2014-06-13 10:28 - 000000000 ____D C:\Users\Viljo\AppData\Local\Pokki 2018-01-07 09:49 - 2014-03-18 11:55 - 000000369 _____ C:\Users\Viljo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2018-01-07 09:49 - 2014-03-18 11:55 - 000000369 _____ C:\Users\Viljo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2018-01-07 09:49 - 2013-02-05 00:18 - 000000189 _____ C:\Users\Viljo\Desktop\Lenovo Telephony Start Now.url 2018-01-07 09:16 - 2018-01-07 19:24 - 000000000 ___HD C:\$SysReset 2018-01-03 21:24 - 2018-01-03 21:24 - 000925264 _____ (COMODO) C:\WINDOWS\system32\guard64.dll 2018-01-03 21:24 - 2018-01-03 21:24 - 000711200 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll 2018-01-03 21:24 - 2018-01-03 21:24 - 000051808 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll 2018-01-03 21:21 - 2018-01-03 21:21 - 000467648 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll 2018-01-03 21:20 - 2018-01-03 21:20 - 000371392 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll 2018-01-02 19:55 - 2018-01-02 19:55 - 000000000 ___HD C:\VTRoot 2018-01-02 19:35 - 2018-01-07 10:23 - 031038416 _____ C:\Users\Viljo\Downloads\vlc-2.2.8-win32.exe 2018-01-02 18:44 - 2018-01-02 18:43 - 000062621 _____ C:\Users\Viljo\Desktop\Jacobs.Ladder.1990.BluRay.1080p.DTS-LoNeWolf.srt 2018-01-02 18:43 - 2018-01-02 18:43 - 000062621 _____ C:\Users\Viljo\Downloads\Jacobs.Ladder.1990.BluRay.1080p.DTS-LoNeWolf.srt 2018-01-02 16:51 - 2018-01-02 16:51 - 000592231 _____ C:\Users\Viljo\Downloads\Blade.Of.The.Immortal.2017.1080p.BRRip.x265.ac3.FinSub-Betsy.torrent 2018-01-02 16:49 - 2018-01-02 16:50 - 000284052 _____ C:\Users\Viljo\Downloads\Brawl.in.Cell.Block.99.2017.1080p.BDRip.x265.acc.FinSub-Betsy.torrent 2018-01-02 16:46 - 2018-01-02 16:46 - 000016748 _____ C:\Users\Viljo\Downloads\Kickboxer.Retaliation.2017.1080p.WEBRip.x264-ZMG.torrent 2017-12-29 21:33 - 2017-12-29 21:33 - 000205143 _____ C:\Users\Viljo\Downloads\A Monster Calls 2016 1080p BluRay x264 AC3-JYK FinSub.torrent 2017-12-28 13:48 - 2017-12-28 13:48 - 000821752 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdguard.sys 2017-12-28 13:48 - 2017-12-28 13:48 - 000124688 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys 2017-12-28 13:48 - 2017-12-28 13:48 - 000042080 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys 2017-12-28 13:47 - 2017-12-28 13:47 - 000035368 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys 2017-12-26 20:01 - 2017-12-26 20:01 - 000414662 _____ C:\Users\Viljo\Downloads\Blade Runner 2049.720p.WEB-DL.x264.ac3.FinSub-Betsy.torrent 2017-12-25 01:00 - 2017-12-25 01:00 - 000000000 ____D C:\Users\Viljo\.android 2017-12-25 00:22 - 2017-12-25 00:23 - 001708808 _____ ( ) C:\Users\Viljo\Downloads\KingoRoot.exe 2017-12-24 20:47 - 2018-01-07 09:51 - 000000000 ____D C:\Users\Viljo\Desktop\Tor Browser 2017-12-24 20:46 - 2017-12-24 20:46 - 053564880 _____ C:\Users\Viljo\Downloads\torbrowser-install-7.0.11_en-US(1).exe 2017-12-24 20:45 - 2017-12-24 20:46 - 053564880 _____ C:\Users\Viljo\Downloads\torbrowser-install-7.0.11_en-US.exe 2017-12-23 17:23 - 2017-12-23 17:23 - 001576344 _____ ( ) C:\Users\Viljo\Downloads\internet_explorer(1).exe 2017-12-23 17:22 - 2017-12-23 17:22 - 001576344 _____ ( ) C:\Users\Viljo\Downloads\internet_explorer.exe 2017-12-17 22:04 - 2017-12-17 22:04 - 000013902 _____ C:\Users\Viljo\Downloads\Napapiirin.sankarit.3.2017.FiNNiSH.BRRip.x264-ALV.torrent 2017-12-08 09:59 - 2017-12-27 00:32 - 000123392 ___SH C:\Users\Viljo\Desktop\Thumbs.db 2017-12-08 00:10 - 2017-12-08 00:10 - 007392520 _____ (Goversoft LLC) C:\Users\Viljo\Desktop\privazer_free (1).exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-01-07 19:46 - 2013-08-22 17:36 - 000262144 _____ C:\WINDOWS\system32\config\BCD-Template 2018-01-07 15:24 - 2013-08-22 17:20 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-01-07 13:12 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf 2018-01-07 10:21 - 2014-06-13 09:39 - 000725714 _____ C:\WINDOWS\system32\perfh01D.dat 2018-01-07 10:21 - 2014-06-13 09:39 - 000152568 _____ C:\WINDOWS\system32\perfc01D.dat 2018-01-07 10:21 - 2014-06-13 09:34 - 000436568 _____ C:\WINDOWS\system32\perfh00B.dat 2018-01-07 10:21 - 2014-06-13 09:34 - 000082128 _____ C:\WINDOWS\system32\perfc00B.dat 2018-01-07 10:21 - 2014-06-13 09:29 - 000441798 _____ C:\WINDOWS\system32\perfh014.dat 2018-01-07 10:21 - 2014-06-13 09:29 - 000077450 _____ C:\WINDOWS\system32\perfc014.dat 2018-01-07 10:21 - 2014-06-13 09:24 - 000456706 _____ C:\WINDOWS\system32\perfh006.dat 2018-01-07 10:21 - 2014-06-13 09:24 - 000079958 _____ C:\WINDOWS\system32\perfc006.dat 2018-01-07 10:21 - 2014-03-18 11:53 - 003298972 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-01-07 10:20 - 2014-06-13 10:28 - 000000000 ____D C:\ProgramData\McAfee 2018-01-07 10:20 - 2014-06-13 10:28 - 000000000 ____D C:\Program Files\Common Files\mcafee 2018-01-07 10:20 - 2014-06-13 10:28 - 000000000 ____D C:\Program Files (x86)\McAfee 2018-01-07 10:19 - 2014-06-13 10:30 - 000001871 _____ C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk 2018-01-07 10:14 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-01-07 10:14 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM 2018-01-07 10:13 - 2013-08-22 16:44 - 000346696 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-01-07 10:13 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI 2018-01-07 10:12 - 2014-06-13 10:34 - 000002560 _____ C:\WINDOWS\system32\VfService.trf 2018-01-07 10:06 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-01-07 10:05 - 2017-11-11 10:53 - 000000000 __SHD C:\Users\Viljo\AppData\LocalLow\EmieUserList 2018-01-07 10:05 - 2017-11-11 10:53 - 000000000 __SHD C:\Users\Viljo\AppData\LocalLow\EmieSiteList 2018-01-07 10:04 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache 2018-01-07 10:03 - 2014-06-13 10:41 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2018-01-07 09:57 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps 2018-01-07 09:56 - 2017-11-10 02:04 - 000000000 ____D C:\Users\Viljo\AppData\Local\Packages 2018-01-07 09:52 - 2014-04-03 21:15 - 000000000 ___DC C:\WINDOWS\Panther 2018-01-07 09:52 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Windows NT 2018-01-07 09:51 - 2013-08-22 17:36 - 000000000 __RHD C:\Users\Public\Libraries 2018-01-07 09:08 - 2017-11-30 06:58 - 000000000 ____D C:\Users\Viljo\AppData\LocalLow\Mozilla 2018-01-02 18:44 - 2017-11-14 21:47 - 000000000 ____D C:\Users\Viljo\Desktop\leffat 2017-12-08 09:56 - 2017-11-18 22:19 - 000000000 ____D C:\Users\Viljo\Desktop\ ==================== Files in the root of some directories ======= 2018-01-07 09:56 - 2018-01-07 10:15 - 000003899 _____ () C:\Users\Viljo\AppData\Local\BTServer.log ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-13 08:47 ==================== End of FRST.txt ============================
Hei, Lokissa ei näy mitään hälyttävää. Koneeseen on kuitenkin asennettu 3 eri virustorjunta ohjelmaa: Avast COMODO McAfee Ne saattavat tuottaa yhteensopivuus ongelmia keskenään ja syödä tietokoneen suorituskykyä. edit: Muistin käyttöä saadaan pienemmäksi, poistamalla ylimääräiset virusturvaohjelmat taustalta pyörimästä. Jätät vain yhden jonka näet parhaaksi.
Jatkan sen verran edellistä, että kaksi virusohjelmaa poistoon, niiden omalla Removal Tool'illa, mutten niitä on vaikeaa saada poistettua. edit: nuo ovat todennäköinen jumituksen aiheuttaja.
