Please check my log. Thank you!

iwiboy
Exemplary visitor
Posts: 208
Registered: 03 Jul 2006 18:07

#1 Post by iwiboy »

As a precaution (after a long time):

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tom at 2015-09-11 14:53:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 5 GB (1%) free of 454 GB
Total RAM: 3552 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:54:10, on 11.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal

Running processes:
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera_crashreporter.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
C:\Program Files\trend micro\Tom.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Viber] "C:\Users\Tom\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-21-2314738569-1049633329-3099708649-1004\..\Run: [GoogleChromeAutoLaunch_675E120FA2C26CAA07713AAC7BB1A351] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window (User 'Jana')
O4 - HKUS\S-1-5-21-2314738569-1049633329-3099708649-1004\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (User 'Jana')
O4 - HKUS\S-1-5-21-2314738569-1049633329-3099708649-1004\..\Run: [Dropbox Update] "C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c (User 'Jana')
O4 - HKUS\S-1-5-21-2314738569-1049633329-3099708649-1004\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE" (User 'Jana')
O4 - S-1-5-21-2314738569-1049633329-3099708649-1004 Startup: Dropbox.lnk = Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'Jana')
O4 - S-1-5-21-2314738569-1049633329-3099708649-1004 User Startup: Dropbox.lnk = Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'Jana')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtlISMServ - Realtek - C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 15055 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
"C:\Program Files\Tablet\Pen\WTabletServiceCon.exe"
C:\windows\system32\vcsFPService.exe
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 1616080
\??\C:\windows\system32\conhost.exe "12504802491729243445-263409532-26975421121301414315657396151894204116-963224979
C:\windows\System32\spoolsv.exe
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtWlan.exe" /i
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3456
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window --flag-switches-begin --flag-switches-end
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files\Tablet\Pen\WacomHost.exe" "C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4824.0.1692747525\1158031133" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9643 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.902.1.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" 
--extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="4824.1.1043699932\1785229976" --font-cache-shared-handle=1776 /prefetch:673131151
--extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="4824.7.859002948\1587892980" --font-cache-shared-handle=2452 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" 
--extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="4824.8.981371057\1259473245" --font-cache-shared-handle=2524 /prefetch:673131151
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --ran-launcher
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=4132
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --type=gpu-process --channel="4132.0.612486169\1497610390" --crash-reporter-pid=5024 --enable-mse-h264-support --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,46 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9643 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.902.1.0 --crash-reporter-pid=5024 --enable-mse-h264-support --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=en-GB --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=5024 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4132.2.504735433\752785125" /prefetch:673131151
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=en-GB --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=5024 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4132.3.1859034042\55411150" /prefetch:673131151
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=en-GB --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=5024 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4132.4.217215974\1919933609" /prefetch:673131151
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=en-GB --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=5024 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4132.5.247333754\39413093" /prefetch:673131151
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=en-GB --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=5024 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4132.6.632853679\1472921720" /prefetch:673131151
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=en-GB --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=5024 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4132.7.1640202788\1600355742" /prefetch:673131151
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=en-GB --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=5024 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4132.8.1715550598\1443274836" /prefetch:673131151
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=en-GB --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=5024 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4132.9.1239681032\42808085" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="4824.24.1086612941\1017029212" --font-cache-shared-handle=208 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="4824.25.1067730755\1755003026" --font-cache-shared-handle=5028 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --channel="4824.29.717020674\1507969749" --lang=en-US /prefetch:845217598
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --type=ppapi --channel="4132.11.994038290\1595748021" --ppapi-flash-args --lang=en-GB --crash-reporter-pid=5024 --enable-mse-h264-support --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=en-GB --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=5024 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4132.12.185471294\1954347963" /prefetch:673131151
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=en-GB --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=5024 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4132.13.576257974\312465563" /prefetch:673131151
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --type=ppapi --channel="4132.14.2091047744\516971614" --ppapi-flash-args --lang=en-GB --crash-reporter-pid=5024 --enable-mse-h264-support --ignored=" --type=renderer " /prefetch:-632637702
C:\windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Users\Jana\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=en-GB --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=5024 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4132.15.854320901\874923479" /prefetch:673131151

"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Jana\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe -check pepperplugin
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-2314738569-1049633329-3099708649-1004Core.job - C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-2314738569-1049633329-3099708649-1004UA.job - C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA1cf8bbba9e3bfaf.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineUA1d000c218124377.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineUA1d040ada8b5331c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2314738569-1049633329-3099708649-1002Core.job - C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2314738569-1049633329-3099708649-1002UA.job - C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2314738569-1049633329-3099708649-1002UA1d04c64e624baaa.job - C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HPCeeScheduleForHP4535S$.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForHP4535S$ (null)
C:\windows\tasks\HPCeeScheduleForJana.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForJana (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-05-10 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-22 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-22 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-02-19 2774256]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 116648]
"Zoner Photo Studio Service 16"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"Viber"=C:\Users\Tom\AppData\Local\Viber\Viber.exe [2015-02-03 776400]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-08 8202008]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07 998104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-09-14 127616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BambooCore]
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [2012-10-16 646744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-09-14 764544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtvStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-09-14 127616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-05-10 12277248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-09-05 184736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-07-15 14904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-11-21 169528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyDriveConnect.exe]
C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [2013-11-29 473496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe]
C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-06-20 333728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02 28785792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-26 343168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-02-19 2774256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2012-09-20 1664000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~2\MCAFEE~1\307523~1.318\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tom^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tom^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk]
C:\PROGRA~2\COMMON~1\LINGEA~1\luc.exe [2011-11-30 267544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []

C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-09-11 14:39:17 ----D---- C:\SoftPaqDownloadDirectory
2015-09-11 14:38:49 ----D---- C:\HPSDM
2015-09-11 14:32:38 ----D---- C:\ProgramData\HP
2015-09-10 20:05:22 ----D---- C:\ProgramData\ESET
2015-09-09 13:11:28 ----A---- C:\windows\SYSWOW64\InkEd.dll
2015-09-09 13:11:28 ----A---- C:\windows\system32\InkEd.dll
2015-09-09 13:11:26 ----A---- C:\windows\system32\jnwmon.dll
2015-09-09 13:11:23 ----A---- C:\windows\system32\schedsvc.dll
2015-09-09 13:11:15 ----A---- C:\windows\SYSWOW64\tzres.dll
2015-09-09 13:11:15 ----A---- C:\windows\system32\tzres.dll
2015-09-09 13:10:43 ----A---- C:\windows\SYSWOW64\dwmcore.dll
2015-09-09 13:10:43 ----A---- C:\windows\SYSWOW64\dwmapi.dll
2015-09-09 13:10:43 ----A---- C:\windows\system32\dwmcore.dll
2015-09-09 13:10:43 ----A---- C:\windows\system32\dwmapi.dll
2015-09-09 13:10:39 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-09-09 13:10:39 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-09-09 13:10:39 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 13:10:39 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-09-09 13:10:39 ----A---- C:\windows\system32\ieetwcollector.exe
2015-09-09 13:10:38 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-09-09 13:10:38 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-09-09 13:10:38 ----A---- C:\windows\system32\iernonce.dll
2015-09-09 13:10:38 ----A---- C:\windows\system32\ie4uinit.exe
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-09-09 13:10:37 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 13:10:36 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-09-09 13:10:33 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-09-09 13:10:33 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-09-09 13:10:33 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-09-09 13:10:33 ----A---- C:\windows\system32\urlmon.dll
2015-09-09 13:10:33 ----A---- C:\windows\system32\iedkcs32.dll
2015-09-09 13:10:32 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-09-09 13:10:32 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-09-09 13:10:31 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-09-09 13:10:31 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-09-09 13:10:31 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-09-09 13:10:31 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-09-09 13:10:30 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-09-09 13:10:30 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-09-09 13:10:30 ----A---- C:\windows\system32\msfeeds.dll
2015-09-09 13:10:30 ----A---- C:\windows\system32\dxtrans.dll
2015-09-09 13:10:29 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-09-09 13:10:28 ----A---- C:\windows\system32\iesetup.dll
2015-09-09 13:10:28 ----A---- C:\windows\system32\ieapfltr.dll
2015-09-09 13:10:26 ----A---- C:\windows\system32\iertutil.dll
2015-09-09 13:10:24 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 13:10:24 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-09-09 13:10:24 ----A---- C:\windows\system32\vbscript.dll
2015-09-09 13:10:23 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-09-09 13:10:23 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-09-09 13:10:23 ----A---- C:\windows\system32\jsproxy.dll
2015-09-09 13:10:23 ----A---- C:\windows\system32\ieUnatt.exe
2015-09-09 13:10:22 ----A---- C:\windows\system32\dxtmsft.dll
2015-09-09 13:10:21 ----A---- C:\windows\system32\ieui.dll
2015-09-09 13:10:21 ----A---- C:\windows\system32\ieframe.dll
2015-09-09 13:10:20 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-09-09 13:10:20 ----A---- C:\windows\system32\mshtmled.dll
2015-09-09 13:10:19 ----A---- C:\windows\system32\jscript9diag.dll
2015-09-09 13:10:19 ----A---- C:\windows\system32\jscript9.dll
2015-09-09 13:10:19 ----A---- C:\windows\system32\jscript.dll
2015-09-09 13:10:18 ----A---- C:\windows\system32\wininet.dll
2015-09-09 13:10:17 ----A---- C:\windows\system32\MshtmlDac.dll
2015-09-09 13:10:16 ----A---- C:\windows\system32\msrating.dll
2015-09-09 13:10:15 ----A---- C:\windows\system32\mshtml.dll
2015-09-09 13:09:52 ----A---- C:\windows\system32\UtcResources.dll
2015-09-09 13:09:52 ----A---- C:\windows\system32\diagtrack.dll
2015-09-09 13:09:51 ----A---- C:\windows\system32\ntoskrnl.exe
2015-09-09 13:09:50 ----A---- C:\windows\system32\ntdll.dll
2015-09-09 13:09:50 ----A---- C:\windows\system32\kernel32.dll
2015-09-09 13:09:49 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-09-09 13:09:49 ----A---- C:\windows\system32\tdh.dll
2015-09-09 13:09:48 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 13:09:48 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-09-09 13:09:47 ----A---- C:\windows\SYSWOW64\tdh.dll
2015-09-09 13:09:47 ----A---- C:\windows\SYSWOW64\kernel32.dll
2015-09-09 13:09:47 ----A---- C:\windows\SYSWOW64\advapi32.dll
2015-09-09 13:09:47 ----A---- C:\windows\system32\lsasrv.dll
2015-09-09 13:09:47 ----A---- C:\windows\system32\KernelBase.dll
2015-09-09 13:09:47 ----A---- C:\windows\system32\advapi32.dll
2015-09-09 13:09:46 ----A---- C:\windows\system32\wow64.dll
2015-09-09 13:09:46 ----A---- C:\windows\system32\rstrui.exe
2015-09-09 13:09:46 ----A---- C:\windows\system32\rpcrt4.dll
2015-09-09 13:09:45 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-09-09 13:09:45 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-09-09 13:09:45 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\winsrv.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\wdigest.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\srcore.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\smss.exe
2015-09-09 13:09:45 ----A---- C:\windows\system32\schannel.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\msv1_0.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\kerberos.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\csrsrv.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\conhost.exe
2015-09-09 13:09:44 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-09-09 13:09:44 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-09-09 13:09:44 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-09-09 13:09:44 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2015-09-09 13:09:44 ----A---- C:\windows\system32\TSpkg.dll
2015-09-09 13:09:44 ----A---- C:\windows\system32\sspicli.dll
2015-09-09 13:09:44 ----A---- C:\windows\system32\ncrypt.dll
2015-09-09 13:09:44 ----A---- C:\windows\system32\lsass.exe
2015-09-09 13:09:44 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-09-09 13:09:44 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\setup16.exe
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-09-09 13:09:43 ----A---- C:\windows\system32\wow64win.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\sspisrv.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\srclient.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\secur32.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\ntvdm64.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\cryptbase.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\credssp.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\auditpol.exe
2015-09-09 13:09:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 13:09:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 13:09:42 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 13:09:42 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 13:09:42 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 13:09:42 ----A---- C:\windows\SYSWOW64\wow32.dll
2015-09-09 13:09:42 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-09-09 13:09:42 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2015-09-09 13:09:42 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-09-09 13:09:42 ----A---- C:\windows\system32\wow64cpu.dll
2015-09-09 13:09:42 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2015-09-09 13:09:42 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2015-09-09 13:09:42 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 13:09:40 ----A---- C:\windows\SYSWOW64\instnm.exe
2015-09-09 13:09:40 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2015-09-09 13:09:40 ----A---- C:\windows\system32\apisetschema.dll
2015-09-09 13:09:39 ----A---- C:\windows\SYSWOW64\user.exe
2015-09-09 13:09:39 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-09-09 13:09:39 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-09-09 13:09:39 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-09-09 13:09:39 ----A---- C:\windows\system32\msobjs.dll
2015-09-09 13:09:39 ----A---- C:\windows\system32\msaudite.dll
2015-09-09 13:09:39 ----A---- C:\windows\system32\adtschema.dll
2015-09-09 13:08:28 ----A---- C:\windows\SYSWOW64\authui.dll
2015-09-09 13:08:28 ----A---- C:\windows\system32\consent.exe
2015-09-09 13:08:28 ----A---- C:\windows\system32\authui.dll
2015-09-09 13:08:27 ----A---- C:\windows\system32\appinfo.dll
2015-09-09 13:08:01 ----A---- C:\windows\system32\msxml6.dll
2015-09-09 13:08:01 ----A---- C:\windows\system32\msxml3.dll
2015-09-09 13:08:00 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2015-09-09 13:08:00 ----A---- C:\windows\SYSWOW64\msxml6.dll
2015-09-09 13:08:00 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2015-09-09 13:08:00 ----A---- C:\windows\SYSWOW64\msxml3.dll
2015-09-09 13:08:00 ----A---- C:\windows\system32\msxml6r.dll
2015-09-09 13:08:00 ----A---- C:\windows\system32\msxml3r.dll
2015-09-09 13:07:40 ----A---- C:\windows\system32\appidpolicyconverter.exe
2015-09-09 13:07:39 ----A---- C:\windows\SYSWOW64\appidapi.dll
2015-09-09 13:07:39 ----A---- C:\windows\system32\appidsvc.dll
2015-09-09 13:07:39 ----A---- C:\windows\system32\appidapi.dll
2015-09-09 13:07:36 ----A---- C:\windows\system32\setbcdlocale.dll
2015-09-09 13:07:36 ----A---- C:\windows\system32\appidcertstorecheck.exe
2015-09-09 13:07:35 ----A---- C:\windows\system32\drivers\appid.sys
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\lpk.dll
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\fontsub.dll
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\dciman32.dll
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\atmlib.dll
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\atmfd.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\win32k.sys
2015-09-09 13:06:45 ----A---- C:\windows\system32\lpk.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\fontsub.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\dciman32.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\atmlib.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\atmfd.dll
2015-09-09 13:06:40 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-09-09 13:06:40 ----A---- C:\windows\system32\wucltux.dll
2015-09-09 13:06:40 ----A---- C:\windows\system32\wuaueng.dll
2015-09-09 13:06:39 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-09-09 13:06:39 ----A---- C:\windows\SYSWOW64\wups.dll
2015-09-09 13:06:39 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-09-09 13:06:39 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-09-09 13:06:39 ----A---- C:\windows\system32\wuwebv.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wups2.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wups.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wudriver.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wuauclt.exe
2015-09-09 13:06:39 ----A---- C:\windows\system32\wuapp.exe
2015-09-09 13:06:39 ----A---- C:\windows\system32\wuapi.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\WinSetupUI.dll
2015-08-13 14:34:30 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 14:34:30 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 16:28:55 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe
2015-08-12 14:59:21 ----D---- C:\Users\Tom\AppData\Roaming\WildTangent
2015-08-12 14:59:17 ----A---- C:\windows\system32\invagent.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\generaltel.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\devinv.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\appraiser.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\aeinv.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\acmigration.dll
2015-08-12 14:59:15 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-08-12 14:59:15 ----A---- C:\windows\system32\aepdu.dll
2015-08-12 14:55:51 ----A---- C:\windows\system32\sysmain.dll
2015-08-12 14:55:48 ----A---- C:\windows\system32\drivers\mountmgr.sys
2015-08-12 14:55:40 ----A---- C:\windows\system32\msmmsp.dll
2015-08-12 14:53:01 ----A---- C:\windows\system32\basesrv.dll
2015-08-12 14:49:00 ----A---- C:\windows\SYSWOW64\WebClnt.dll
2015-08-12 14:49:00 ----A---- C:\windows\SYSWOW64\davclnt.dll
2015-08-12 14:49:00 ----A---- C:\windows\system32\WebClnt.dll
2015-08-12 14:49:00 ----A---- C:\windows\system32\davclnt.dll
2015-08-12 14:48:50 ----A---- C:\windows\SYSWOW64\DWrite.dll
2015-08-12 14:48:50 ----A---- C:\windows\system32\FntCache.dll
2015-08-12 14:48:50 ----A---- C:\windows\system32\DWrite.dll
2015-08-12 14:48:46 ----A---- C:\windows\system32\d3d10warp.dll
2015-08-12 14:48:45 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2015-08-12 14:48:41 ----A---- C:\windows\SYSWOW64\notepad.exe
2015-08-12 14:48:41 ----A---- C:\windows\system32\notepad.exe
2015-08-12 14:48:41 ----A---- C:\windows\notepad.exe
2015-08-12 14:48:39 ----A---- C:\windows\SYSWOW64\mstscax.dll
2015-08-12 14:48:39 ----A---- C:\windows\system32\mstscax.dll
2015-08-12 14:48:38 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2015-08-12 14:48:38 ----A---- C:\windows\SYSWOW64\aaclient.dll
2015-08-12 14:48:38 ----A---- C:\windows\system32\tsgqec.dll
2015-08-12 14:48:38 ----A---- C:\windows\system32\aaclient.dll
2015-08-12 14:48:34 ----A---- C:\windows\system32\shell32.dll
2015-08-12 14:48:33 ----A---- C:\windows\SYSWOW64\shell32.dll
2015-08-12 14:48:09 ----A---- C:\windows\system32\mcupdate_GenuineIntel.dll

======List of files/folders modified in the last 1 month======

2015-09-11 14:54:03 ----D---- C:\Program Files\trend micro
2015-09-11 14:54:01 ----D---- C:\windows\Temp
2015-09-11 14:45:11 ----D---- C:\windows\Microsoft.NET
2015-09-11 14:45:09 ----RSD---- C:\windows\assembly
2015-09-11 14:38:38 ----SHD---- C:\windows\Installer
2015-09-11 14:37:45 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-09-11 14:35:34 ----SHD---- C:\System Volume Information
2015-09-11 14:33:43 ----D---- C:\swsetup
2015-09-11 14:32:38 ----D---- C:\ProgramData
2015-09-11 14:32:33 ----D---- C:\windows\System32
2015-09-11 14:32:33 ----D---- C:\windows\inf
2015-09-11 14:32:33 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-09-11 14:25:56 ----D---- C:\ProgramData\PDFC
2015-09-11 14:22:02 ----D---- C:\windows\system32\config
2015-09-10 20:55:59 ----D---- C:\windows\SYSWOW64\en-US
2015-09-10 20:55:59 ----D---- C:\windows\SysWOW64
2015-09-10 20:55:59 ----D---- C:\windows\ehome
2015-09-10 20:55:59 ----D---- C:\Program Files\Windows Journal
2015-09-10 20:55:58 ----D---- C:\windows\system32\en-US
2015-09-10 20:55:58 ----D---- C:\Program Files\Internet Explorer
2015-09-10 20:55:55 ----D---- C:\windows\PolicyDefinitions
2015-09-10 20:55:53 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-10 20:55:48 ----D---- C:\windows\system32\drivers
2015-09-10 20:55:48 ----D---- C:\windows\AppPatch
2015-09-10 20:55:45 ----D---- C:\windows\system32\Boot
2015-09-10 20:52:49 ----D---- C:\windows\winsxs
2015-09-10 20:07:05 ----D---- C:\windows\system32\DriverStore
2015-09-10 13:15:58 ----D---- C:\windows\system32\MRT
2015-09-09 13:06:08 ----D---- C:\windows\system32\catroot2
2015-09-07 19:05:36 ----D---- C:\windows\Panther
2015-09-07 18:56:35 ----HD---- C:\$Windows.~BT
2015-09-07 13:25:50 ----D---- C:\boot
2015-09-07 11:42:42 ----D---- C:\windows\Logs
2015-08-31 22:43:12 ----D---- C:\windows\Prefetch
2015-08-27 18:27:38 ----RD---- C:\Program Files (x86)
2015-08-27 18:27:29 ----D---- C:\windows\Tasks
2015-08-26 18:37:02 ----A---- C:\windows\system32\MRT.exe
2015-08-21 23:18:37 ----D---- C:\Program Files (x86)\Notepad++
2015-08-18 21:01:28 ----D---- C:\windows\system32\Tasks
2015-08-18 21:01:28 ----D---- C:\Program Files (x86)\Opera
2015-08-15 15:20:21 ----D---- C:\windows\rescache
2015-08-15 08:28:50 ----SD---- C:\windows\system32\CompatTel
2015-08-15 08:28:48 ----D---- C:\windows\system32\appraiser
2015-08-13 14:58:58 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-13 14:58:57 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 14:55:00 ----D---- C:\windows\system32\drivers\en-US
2015-08-13 14:54:50 ----D---- C:\Windows
2015-08-12 22:25:34 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2013-08-04 82600]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2013-08-04 42664]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2015-07-14 72400]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2015-07-14 255240]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-07-14 178520]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2015-07-14 53360]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2015-07-14 231520]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\amdhub30.sys [2013-06-26 107688]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-10-25 10207744]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-10-25 317952]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\amdxhc.sys [2013-06-26 228008]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2012-09-14 33944]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2011-05-14 25912]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2013-01-30 175928]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2013-01-30 708200]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2012-12-19 1064184]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-09-20 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2015-02-19 524016]
R3 usbfilter;AMD USB Filter Driver; C:\windows\system32\DRIVERS\usbfilter.sys [2014-11-14 58536]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2012-09-14 88728]
S3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM; C:\windows\System32\Drivers\AthDfu.sys [2012-08-19 55448]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2012-09-14 344216]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2012-09-14 114840]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2012-09-14 178840]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2012-09-14 77464]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2012-09-14 135832]
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2012-09-14 575128]
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-12-15 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-10 64312]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Users\Tom\AppData\Local\Temp\EverestDriver.sys []
S3 hidkmdf;KMDF Driver; C:\windows\system32\DRIVERS\hidkmdf.sys [2012-10-12 13728]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WacHidRouter;Wacom Hid Router; C:\windows\system32\DRIVERS\wachidrouter.sys [2012-10-12 81312]
S3 wacommousefilter;Wacom Mouse Filter Driver; C:\windows\system32\DRIVERS\wacommousefilter.sys []
S3 wacomrouterfilter;Wacom Router Filter Driver; C:\windows\system32\DRIVERS\wacomrouterfilter.sys [2012-10-12 15776]
S3 wacomvhid;Wacom Virtual Hid Driver; C:\windows\system32\DRIVERS\wacomvhid.sys []

iwiboy
Exemplary visitor
Posts: 208
Registered: 03 Jul 2006 18:07

Log, part 2

#2 Post by iwiboy »

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-10-25 204288]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-09-14 216192]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-11-10 486224]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-07-15 137272]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-03-23 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-05-10 320512]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2012-06-20 523680]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-09-24 31040]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-08-11 1128952]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 RtlISMServ;RtlISMServ; C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [2011-05-30 40960]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-20 323072]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-03-24 3161904]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2013-01-08 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-09-05 476728]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-09-30 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-13 136120]
S3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-09-05 1420192]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-06 148136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-08-28 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118248
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log. Thank you!

#3 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

iwiboy
Model Visitor
Posts: 208
Registered: 03 Jul 2006 18:07

Re: Please check my log. Thank you!

#4 Post by iwiboy »

I'm sorry, but during Cleaning, AdwCleaner (it deleted a few things, though not all that many) required a restart and then promised a log, but the log never popped up and I couldn't find it either (more likely I didn't know how to look for it).

So I'm posting only the logfile from the program's second run:

# AdwCleaner v5.007 - Logfile created 11/09/2015 at 18:28:39
# Updated 08/09/2015 by Xplode
# Database : 2015-09-08.2 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Tom - HP4535S
# Running from : C:\Users\Jana\Desktop\adwcleaner_5.007.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


########## EOF - \AdwCleaner\AdwCleaner[S2].txt - [558 bytes] ##########

Rudy
Site Admin
Posts: 118248
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log. Thank you!

#5 Post by Rudy »

This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files (x86)\Skype\Toolbars
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA1cf8bbba9e3bfaf.job
C:\windows\tasks\GoogleUpdateTaskMachineUA1d000c218124377.job
C:\windows\tasks\GoogleUpdateTaskMachineUA1d040ada8b5331c.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2314738569-1049633329-3099708649-1002Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2314738569-1049633329-3099708649-1002UA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2314738569-1049633329-3099708649-1002UA1d04c64e624baaa.job
C:\PROGRA~2\MCAFEE~1\307523~1.318

:services
c2cautoupdatesvc
c2cpnrsvc

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]/64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

iwiboy
Model Visitor
Posts: 208
Registered: 03 Jul 2006 18:07

Re: Please check my log. Thank you!

#6 Post by iwiboy »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tom at 2015-09-11 19:55:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 7 GB (2%) free of 454 GB
Total RAM: 3552 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:41, on 11.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Tom.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\RunOnce: [OTM] "C:\Users\Jana\Desktop\OTM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Viber] "C:\Users\Tom\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\RunOnce: [Report] \AdwCleaner\AdwCleaner[C1].txt
O4 - HKUS\S-1-5-21-2314738569-1049633329-3099708649-1004\..\Run: [GoogleChromeAutoLaunch_675E120FA2C26CAA07713AAC7BB1A351] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window (User 'Jana')
O4 - HKUS\S-1-5-21-2314738569-1049633329-3099708649-1004\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (User 'Jana')
O4 - HKUS\S-1-5-21-2314738569-1049633329-3099708649-1004\..\Run: [Dropbox Update] "C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c (User 'Jana')
O4 - HKUS\S-1-5-21-2314738569-1049633329-3099708649-1004\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE" (User 'Jana')
O4 - S-1-5-21-2314738569-1049633329-3099708649-1004 Startup: Dropbox.lnk = Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'Jana')
O4 - S-1-5-21-2314738569-1049633329-3099708649-1004 User Startup: Dropbox.lnk = Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'Jana')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtlISMServ - Realtek - C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 13901 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\windows\system32\Hpservice.exe
"C:\Program Files\Tablet\Pen\WTabletServiceCon.exe"
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 2542560
\??\C:\windows\system32\conhost.exe "-1720827867481457324-1996335044-3022129441769731236-12271222791699455052456937665
C:\windows\System32\spoolsv.exe
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
taskeng.exe {7D6453A3-6822-4E08-9762-9486FCD77F58}
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtWlan.exe" /i
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2608
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\sppsvc.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3952.0.228894173\1122765858" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9643 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.902.1.0 --ignored=" --type=renderer " /prefetch:822062411
C:\windows\servicing\TrustedInstaller.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UD
PSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.1.1262349263\1225145673" --font-cache-shared-handle=1792 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-U
DPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.2.1162771266\1659554837" --font-cache-shared-handle=1772 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-U
DPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.3.811024576\547656880" --font-cache-shared-handle=2008 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-U
DPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.5.1768517436\600557126" --font-cache-shared-handle=2200 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-U
DPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.6.1968405528\954876910" --font-cache-shared-handle=2276 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-U
DPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.7.1709528608\1331058964" --font-cache-shared-handle=2384 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-U
DPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.8.144195954\1289880937" --font-cache-shared-handle=2456 /prefetch:673131151
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files\Tablet\Pen\WacomHost.exe" "C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Jana\Downloads\RSITx64.exe"
C:\windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC
-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.10.1585508483\1752529387" --font-cache-shared-handle=4240 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC
-UDPSocketNonBlockingIO/Default/" --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.11.915357004\309217039" --font-cache-shared-handle=6224 /prefetch:673131151

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe -check pepperplugin
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-2314738569-1049633329-3099708649-1004Core.job - C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-2314738569-1049633329-3099708649-1004UA.job - C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HPCeeScheduleForHP4535S$.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForHP4535S$ (null)
C:\windows\tasks\HPCeeScheduleForJana.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForJana (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-05-10 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-22 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-22 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-02-19 2774256]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 116648]
"Zoner Photo Studio Service 16"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"Viber"=C:\Users\Tom\AppData\Local\Viber\Viber.exe [2015-02-03 776400]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-08 8202008]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=\AdwCleaner\AdwCleaner[C1].txt [2015-09-11 3541]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07 998104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-09-14 127616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BambooCore]
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [2012-10-16 646744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-09-14 764544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtvStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-09-14 127616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-05-10 12277248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-09-05 184736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-07-15 14904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-11-21 169528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyDriveConnect.exe]
C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [2013-11-29 473496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe]
C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-06-20 333728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02 28785792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-26 343168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-02-19 2774256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2012-09-20 1664000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tom^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tom^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk]
C:\PROGRA~2\COMMON~1\LINGEA~1\luc.exe [2011-11-30 267544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"OTM"=C:\Users\Jana\Desktop\OTM.exe [2015-09-11 522240]

C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-09-11 19:47:31 ----D---- C:\_OTM
2015-09-11 18:16:03 ----D---- C:\AdwCleaner
2015-09-11 14:39:17 ----D---- C:\SoftPaqDownloadDirectory
2015-09-11 14:38:49 ----D---- C:\HPSDM
2015-09-11 14:32:38 ----D---- C:\ProgramData\HP
2015-09-10 20:05:22 ----D---- C:\ProgramData\ESET
2015-09-09 13:11:28 ----A---- C:\windows\SYSWOW64\InkEd.dll
2015-09-09 13:11:28 ----A---- C:\windows\system32\InkEd.dll
2015-09-09 13:11:26 ----A---- C:\windows\system32\jnwmon.dll
2015-09-09 13:11:23 ----A---- C:\windows\system32\schedsvc.dll
2015-09-09 13:11:15 ----A---- C:\windows\SYSWOW64\tzres.dll
2015-09-09 13:11:15 ----A---- C:\windows\system32\tzres.dll
2015-09-09 13:10:43 ----A---- C:\windows\SYSWOW64\dwmcore.dll
2015-09-09 13:10:43 ----A---- C:\windows\SYSWOW64\dwmapi.dll
2015-09-09 13:10:43 ----A---- C:\windows\system32\dwmcore.dll
2015-09-09 13:10:43 ----A---- C:\windows\system32\dwmapi.dll
2015-09-09 13:10:39 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-09-09 13:10:39 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-09-09 13:10:39 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 13:10:39 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-09-09 13:10:39 ----A---- C:\windows\system32\ieetwcollector.exe
2015-09-09 13:10:38 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-09-09 13:10:38 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-09-09 13:10:38 ----A---- C:\windows\system32\iernonce.dll
2015-09-09 13:10:38 ----A---- C:\windows\system32\ie4uinit.exe
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-09-09 13:10:37 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 13:10:36 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-09-09 13:10:33 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-09-09 13:10:33 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-09-09 13:10:33 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-09-09 13:10:33 ----A---- C:\windows\system32\urlmon.dll
2015-09-09 13:10:33 ----A---- C:\windows\system32\iedkcs32.dll
2015-09-09 13:10:32 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-09-09 13:10:32 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-09-09 13:10:31 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-09-09 13:10:31 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-09-09 13:10:31 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-09-09 13:10:31 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-09-09 13:10:30 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-09-09 13:10:30 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-09-09 13:10:30 ----A---- C:\windows\system32\msfeeds.dll
2015-09-09 13:10:30 ----A---- C:\windows\system32\dxtrans.dll
2015-09-09 13:10:29 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-09-09 13:10:28 ----A---- C:\windows\system32\iesetup.dll
2015-09-09 13:10:28 ----A---- C:\windows\system32\ieapfltr.dll
2015-09-09 13:10:26 ----A---- C:\windows\system32\iertutil.dll
2015-09-09 13:10:24 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 13:10:24 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-09-09 13:10:24 ----A---- C:\windows\system32\vbscript.dll
2015-09-09 13:10:23 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-09-09 13:10:23 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-09-09 13:10:23 ----A---- C:\windows\system32\jsproxy.dll
2015-09-09 13:10:23 ----A---- C:\windows\system32\ieUnatt.exe
2015-09-09 13:10:22 ----A---- C:\windows\system32\dxtmsft.dll
2015-09-09 13:10:21 ----A---- C:\windows\system32\ieui.dll
2015-09-09 13:10:21 ----A---- C:\windows\system32\ieframe.dll
2015-09-09 13:10:20 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-09-09 13:10:20 ----A---- C:\windows\system32\mshtmled.dll
2015-09-09 13:10:19 ----A---- C:\windows\system32\jscript9diag.dll
2015-09-09 13:10:19 ----A---- C:\windows\system32\jscript9.dll
2015-09-09 13:10:19 ----A---- C:\windows\system32\jscript.dll
2015-09-09 13:10:18 ----A---- C:\windows\system32\wininet.dll
2015-09-09 13:10:17 ----A---- C:\windows\system32\MshtmlDac.dll
2015-09-09 13:10:16 ----A---- C:\windows\system32\msrating.dll
2015-09-09 13:10:15 ----A---- C:\windows\system32\mshtml.dll
2015-09-09 13:09:52 ----A---- C:\windows\system32\UtcResources.dll
2015-09-09 13:09:52 ----A---- C:\windows\system32\diagtrack.dll
2015-09-09 13:09:51 ----A---- C:\windows\system32\ntoskrnl.exe
2015-09-09 13:09:50 ----A---- C:\windows\system32\ntdll.dll
2015-09-09 13:09:50 ----A---- C:\windows\system32\kernel32.dll
2015-09-09 13:09:49 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-09-09 13:09:49 ----A---- C:\windows\system32\tdh.dll
2015-09-09 13:09:48 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 13:09:48 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-09-09 13:09:47 ----A---- C:\windows\SYSWOW64\tdh.dll
2015-09-09 13:09:47 ----A---- C:\windows\SYSWOW64\kernel32.dll
2015-09-09 13:09:47 ----A---- C:\windows\SYSWOW64\advapi32.dll
2015-09-09 13:09:47 ----A---- C:\windows\system32\lsasrv.dll
2015-09-09 13:09:47 ----A---- C:\windows\system32\KernelBase.dll
2015-09-09 13:09:47 ----A---- C:\windows\system32\advapi32.dll
2015-09-09 13:09:46 ----A---- C:\windows\system32\wow64.dll
2015-09-09 13:09:46 ----A---- C:\windows\system32\rstrui.exe
2015-09-09 13:09:46 ----A---- C:\windows\system32\rpcrt4.dll
2015-09-09 13:09:45 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-09-09 13:09:45 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-09-09 13:09:45 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\winsrv.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\wdigest.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\srcore.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\smss.exe
2015-09-09 13:09:45 ----A---- C:\windows\system32\schannel.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\msv1_0.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\kerberos.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\csrsrv.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\conhost.exe
2015-09-09 13:09:44 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-09-09 13:09:44 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-09-09 13:09:44 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-09-09 13:09:44 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2015-09-09 13:09:44 ----A---- C:\windows\system32\TSpkg.dll
2015-09-09 13:09:44 ----A---- C:\windows\system32\sspicli.dll
2015-09-09 13:09:44 ----A---- C:\windows\system32\ncrypt.dll
2015-09-09 13:09:44 ----A---- C:\windows\system32\lsass.exe
2015-09-09 13:09:44 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-09-09 13:09:44 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\setup16.exe
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-09-09 13:09:43 ----A---- C:\windows\system32\wow64win.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\sspisrv.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\srclient.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\secur32.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\ntvdm64.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\cryptbase.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\credssp.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\auditpol.exe
2015-09-09 13:09:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 13:09:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 13:09:42 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 13:09:42 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 13:09:42 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 13:09:42 ----A---- C:\windows\SYSWOW64\wow32.dll
2015-09-09 13:09:42 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-09-09 13:09:42 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2015-09-09 13:09:42 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-09-09 13:09:42 ----A---- C:\windows\system32\wow64cpu.dll
2015-09-09 13:09:42 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2015-09-09 13:09:42 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2015-09-09 13:09:42 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 13:09:40 ----A---- C:\windows\SYSWOW64\instnm.exe
2015-09-09 13:09:40 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2015-09-09 13:09:40 ----A---- C:\windows\system32\apisetschema.dll
2015-09-09 13:09:39 ----A---- C:\windows\SYSWOW64\user.exe
2015-09-09 13:09:39 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-09-09 13:09:39 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-09-09 13:09:39 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-09-09 13:09:39 ----A---- C:\windows\system32\msobjs.dll
2015-09-09 13:09:39 ----A---- C:\windows\system32\msaudite.dll
2015-09-09 13:09:39 ----A---- C:\windows\system32\adtschema.dll
2015-09-09 13:08:28 ----A---- C:\windows\SYSWOW64\authui.dll
2015-09-09 13:08:28 ----A---- C:\windows\system32\consent.exe
2015-09-09 13:08:28 ----A---- C:\windows\system32\authui.dll
2015-09-09 13:08:27 ----A---- C:\windows\system32\appinfo.dll
2015-09-09 13:08:01 ----A---- C:\windows\system32\msxml6.dll
2015-09-09 13:08:01 ----A---- C:\windows\system32\msxml3.dll
2015-09-09 13:08:00 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2015-09-09 13:08:00 ----A---- C:\windows\SYSWOW64\msxml6.dll
2015-09-09 13:08:00 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2015-09-09 13:08:00 ----A---- C:\windows\SYSWOW64\msxml3.dll
2015-09-09 13:08:00 ----A---- C:\windows\system32\msxml6r.dll
2015-09-09 13:08:00 ----A---- C:\windows\system32\msxml3r.dll
2015-09-09 13:07:40 ----A---- C:\windows\system32\appidpolicyconverter.exe
2015-09-09 13:07:39 ----A---- C:\windows\SYSWOW64\appidapi.dll
2015-09-09 13:07:39 ----A---- C:\windows\system32\appidsvc.dll
2015-09-09 13:07:39 ----A---- C:\windows\system32\appidapi.dll
2015-09-09 13:07:36 ----A---- C:\windows\system32\setbcdlocale.dll
2015-09-09 13:07:36 ----A---- C:\windows\system32\appidcertstorecheck.exe
2015-09-09 13:07:35 ----A---- C:\windows\system32\drivers\appid.sys
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\lpk.dll
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\fontsub.dll
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\dciman32.dll
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\atmlib.dll
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\atmfd.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\win32k.sys
2015-09-09 13:06:45 ----A---- C:\windows\system32\lpk.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\fontsub.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\dciman32.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\atmlib.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\atmfd.dll
2015-09-09 13:06:40 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-09-09 13:06:40 ----A---- C:\windows\system32\wucltux.dll
2015-09-09 13:06:40 ----A---- C:\windows\system32\wuaueng.dll
2015-09-09 13:06:39 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-09-09 13:06:39 ----A---- C:\windows\SYSWOW64\wups.dll
2015-09-09 13:06:39 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-09-09 13:06:39 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-09-09 13:06:39 ----A---- C:\windows\system32\wuwebv.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wups2.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wups.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wudriver.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wuauclt.exe
2015-09-09 13:06:39 ----A---- C:\windows\system32\wuapp.exe
2015-09-09 13:06:39 ----A---- C:\windows\system32\wuapi.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\WinSetupUI.dll
2015-08-13 14:34:30 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 14:34:30 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 16:28:55 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe
2015-08-12 14:59:21 ----D---- C:\Users\Tom\AppData\Roaming\WildTangent
2015-08-12 14:59:17 ----A---- C:\windows\system32\invagent.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\generaltel.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\devinv.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\appraiser.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\aeinv.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\acmigration.dll
2015-08-12 14:59:15 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-08-12 14:59:15 ----A---- C:\windows\system32\aepdu.dll
2015-08-12 14:55:51 ----A---- C:\windows\system32\sysmain.dll
2015-08-12 14:55:48 ----A---- C:\windows\system32\drivers\mountmgr.sys
2015-08-12 14:55:40 ----A---- C:\windows\system32\msmmsp.dll
2015-08-12 14:53:01 ----A---- C:\windows\system32\basesrv.dll
2015-08-12 14:49:00 ----A---- C:\windows\SYSWOW64\WebClnt.dll
2015-08-12 14:49:00 ----A---- C:\windows\SYSWOW64\davclnt.dll
2015-08-12 14:49:00 ----A---- C:\windows\system32\WebClnt.dll
2015-08-12 14:49:00 ----A---- C:\windows\system32\davclnt.dll
2015-08-12 14:48:50 ----A---- C:\windows\SYSWOW64\DWrite.dll
2015-08-12 14:48:50 ----A---- C:\windows\system32\FntCache.dll
2015-08-12 14:48:50 ----A---- C:\windows\system32\DWrite.dll
2015-08-12 14:48:46 ----A---- C:\windows\system32\d3d10warp.dll
2015-08-12 14:48:45 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2015-08-12 14:48:41 ----A---- C:\windows\SYSWOW64\notepad.exe
2015-08-12 14:48:41 ----A---- C:\windows\system32\notepad.exe
2015-08-12 14:48:41 ----A---- C:\windows\notepad.exe
2015-08-12 14:48:39 ----A---- C:\windows\SYSWOW64\mstscax.dll
2015-08-12 14:48:39 ----A---- C:\windows\system32\mstscax.dll
2015-08-12 14:48:38 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2015-08-12 14:48:38 ----A---- C:\windows\SYSWOW64\aaclient.dll
2015-08-12 14:48:38 ----A---- C:\windows\system32\tsgqec.dll
2015-08-12 14:48:38 ----A---- C:\windows\system32\aaclient.dll
2015-08-12 14:48:34 ----A---- C:\windows\system32\shell32.dll
2015-08-12 14:48:33 ----A---- C:\windows\SYSWOW64\shell32.dll
2015-08-12 14:48:09 ----A---- C:\windows\system32\mcupdate_GenuineIntel.dll

======List of files/folders modified in the last 1 month======

2015-09-11 19:55:36 ----D---- C:\Program Files\trend micro
2015-09-11 19:55:34 ----D---- C:\windows\Temp
2015-09-11 19:53:32 ----D---- C:\windows\system32\config
2015-09-11 19:53:17 ----D---- C:\ProgramData\PDFC
2015-09-11 19:47:40 ----D---- C:\windows\Tasks
2015-09-11 19:47:39 ----RD---- C:\Program Files (x86)\Skype
2015-09-11 18:22:10 ----D---- C:\ProgramData
2015-09-11 15:29:34 ----D---- C:\windows\Microsoft.NET
2015-09-11 15:29:28 ----RSD---- C:\windows\assembly
2015-09-11 14:38:38 ----SHD---- C:\windows\Installer
2015-09-11 14:37:45 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-09-11 14:35:34 ----SHD---- C:\System Volume Information
2015-09-11 14:33:43 ----D---- C:\swsetup
2015-09-11 14:32:33 ----D---- C:\windows\System32
2015-09-11 14:32:33 ----D---- C:\windows\inf
2015-09-11 14:32:33 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-09-10 20:55:59 ----D---- C:\windows\SYSWOW64\en-US
2015-09-10 20:55:59 ----D---- C:\windows\SysWOW64
2015-09-10 20:55:59 ----D---- C:\windows\ehome
2015-09-10 20:55:59 ----D---- C:\Program Files\Windows Journal
2015-09-10 20:55:58 ----D---- C:\windows\system32\en-US
2015-09-10 20:55:58 ----D---- C:\Program Files\Internet Explorer
2015-09-10 20:55:55 ----D---- C:\windows\PolicyDefinitions
2015-09-10 20:55:53 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-10 20:55:48 ----D---- C:\windows\system32\drivers
2015-09-10 20:55:48 ----D---- C:\windows\AppPatch
2015-09-10 20:55:45 ----D---- C:\windows\system32\Boot
2015-09-10 20:52:49 ----D---- C:\windows\winsxs
2015-09-10 20:07:05 ----D---- C:\windows\system32\DriverStore
2015-09-10 13:56:13 ----D---- C:\windows\system32\MRT
2015-09-09 13:06:08 ----D---- C:\windows\system32\catroot2
2015-09-07 19:05:36 ----D---- C:\windows\Panther
2015-09-07 18:56:35 ----HD---- C:\$Windows.~BT
2015-09-07 13:25:50 ----D---- C:\boot
2015-09-07 11:42:42 ----D---- C:\windows\Logs
2015-08-31 22:43:12 ----D---- C:\windows\Prefetch
2015-08-27 18:27:38 ----RD---- C:\Program Files (x86)
2015-08-26 18:37:02 ----A---- C:\windows\system32\MRT.exe
2015-08-21 23:18:37 ----D---- C:\Program Files (x86)\Notepad++
2015-08-18 21:01:28 ----D---- C:\windows\system32\Tasks
2015-08-18 21:01:28 ----D---- C:\Program Files (x86)\Opera
2015-08-15 15:20:21 ----D---- C:\windows\rescache
2015-08-15 08:28:50 ----SD---- C:\windows\system32\CompatTel
2015-08-15 08:28:48 ----D---- C:\windows\system32\appraiser
2015-08-13 14:58:58 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-13 14:58:57 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 14:55:00 ----D---- C:\windows\system32\drivers\en-US
2015-08-13 14:54:50 ----D---- C:\Windows
2015-08-12 22:25:34 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2013-08-04 82600]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2013-08-04 42664]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2015-07-14 72400]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2015-07-14 255240]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-07-14 178520]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2015-07-14 53360]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2015-07-14 231520]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\amdhub30.sys [2013-06-26 107688]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-10-25 10207744]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-10-25 317952]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\amdxhc.sys [2013-06-26 228008]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2012-09-14 33944]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2011-05-14 25912]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2013-01-30 175928]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2013-01-30 708200]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2012-12-19 1064184]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-09-20 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2015-02-19 524016]
R3 usbfilter;AMD USB Filter Driver; C:\windows\system32\DRIVERS\usbfilter.sys [2014-11-14 58536]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2012-09-14 88728]
S3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM; C:\windows\System32\Drivers\AthDfu.sys [2012-08-19 55448]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2012-09-14 344216]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2012-09-14 114840]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2012-09-14 178840]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2012-09-14 77464]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2012-09-14 135832]
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2012-09-14 575128]
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-12-15 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-10 64312]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Users\Tom\AppData\Local\Temp\EverestDriver.sys []
S3 hidkmdf;KMDF Driver; C:\windows\system32\DRIVERS\hidkmdf.sys [2012-10-12 13728]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WacHidRouter;Wacom Hid Router; C:\windows\system32\DRIVERS\wachidrouter.sys [2012-10-12 81312]
S3 wacommousefilter;Wacom Mouse Filter Driver; C:\windows\system32\DRIVERS\wacommousefilter.sys []
S3 wacomrouterfilter;Wacom Router Filter Driver; C:\windows\system32\DRIVERS\wacomrouterfilter.sys [2012-10-12 15776]
S3 wacomvhid;Wacom Virtual Hid Driver; C:\windows\system32\DRIVERS\wacomvhid.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-10-25 204288]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-09-14 216192]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-11-10 486224]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-07-15 137272]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-03-23 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-05-10 320512]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2012-06-20 523680]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-09-24 31040]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-08-11 1128952]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 RtlISMServ;RtlISMServ; C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [2011-05-30 40960]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-20 323072]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-03-24 3161904]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2013-01-08 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-09-05 476728]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-09-30 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-13 136120]
S3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-09-05 1420192]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-06 148136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-08-28 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

iwiboy
Exemplary visitor
Posts: 208
Joined: 03 Jul 2006 18:07

Re: Please check my log. Thank you!

#7 Post by iwiboy »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tom at 2015-09-11 19:55:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 7 GB (2%) free of 454 GB
Total RAM: 3552 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:41, on 11.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Tom.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\RunOnce: [OTM] "C:\Users\Jana\Desktop\OTM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Viber] "C:\Users\Tom\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\RunOnce: [Report] \AdwCleaner\AdwCleaner[C1].txt
O4 - HKUS\S-1-5-21-2314738569-1049633329-3099708649-1004\..\Run: [GoogleChromeAutoLaunch_675E120FA2C26CAA07713AAC7BB1A351] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window (User 'Jana')
O4 - HKUS\S-1-5-21-2314738569-1049633329-3099708649-1004\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (User 'Jana')
O4 - HKUS\S-1-5-21-2314738569-1049633329-3099708649-1004\..\Run: [Dropbox Update] "C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c (User 'Jana')
O4 - HKUS\S-1-5-21-2314738569-1049633329-3099708649-1004\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE" (User 'Jana')
O4 - S-1-5-21-2314738569-1049633329-3099708649-1004 Startup: Dropbox.lnk = Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'Jana')
O4 - S-1-5-21-2314738569-1049633329-3099708649-1004 User Startup: Dropbox.lnk = Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'Jana')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtlISMServ - Realtek - C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 13901 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\windows\system32\Hpservice.exe
"C:\Program Files\Tablet\Pen\WTabletServiceCon.exe"
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 2542560
\??\C:\windows\system32\conhost.exe "-1720827867481457324-1996335044-3022129441769731236-12271222791699455052456937665
C:\windows\System32\spoolsv.exe
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
taskeng.exe {7D6453A3-6822-4E08-9762-9486FCD77F58}
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtWlan.exe" /i
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2608
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\sppsvc.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3952.0.228894173\1122765858" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9643 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.902.1.0 --ignored=" --type=renderer " /prefetch:822062411
C:\windows\servicing\TrustedInstaller.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UD
PSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.1.1262349263\1225145673" --font-cache-shared-handle=1792 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-U
DPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.2.1162771266\1659554837" --font-cache-shared-handle=1772 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-U
DPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.3.811024576\547656880" --font-cache-shared-handle=2008 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-U
DPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.5.1768517436\600557126" --font-cache-shared-handle=2200 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-U
DPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.6.1968405528\954876910" --font-cache-shared-handle=2276 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-U
DPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.7.1709528608\1331058964" --font-cache-shared-handle=2384 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-U
DPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.8.144195954\1289880937" --font-cache-shared-handle=2456 /prefetch:673131151
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files\Tablet\Pen\WacomHost.exe" "C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Jana\Downloads\RSITx64.exe"
C:\windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC
-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.10.1585508483\1752529387" --font-cache-shared-handle=4240 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_56/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC
-UDPSocketNonBlockingIO/Default/" --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3952.11.915357004\309217039" --font-cache-shared-handle=6224 /prefetch:673131151

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe -check pepperplugin
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-2314738569-1049633329-3099708649-1004Core.job - C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-2314738569-1049633329-3099708649-1004UA.job - C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HPCeeScheduleForHP4535S$.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForHP4535S$ (null)
C:\windows\tasks\HPCeeScheduleForJana.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForJana (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-05-10 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-22 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-22 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-02-19 2774256]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 116648]
"Zoner Photo Studio Service 16"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"Viber"=C:\Users\Tom\AppData\Local\Viber\Viber.exe [2015-02-03 776400]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-08 8202008]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=\AdwCleaner\AdwCleaner[C1].txt [2015-09-11 3541]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07 998104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-09-14 127616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BambooCore]
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [2012-10-16 646744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-09-14 764544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtvStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-09-14 127616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-05-10 12277248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-09-05 184736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-07-15 14904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-11-21 169528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyDriveConnect.exe]
C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [2013-11-29 473496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe]
C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-06-20 333728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02 28785792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-26 343168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-02-19 2774256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2012-09-20 1664000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tom^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tom^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk]
C:\PROGRA~2\COMMON~1\LINGEA~1\luc.exe [2011-11-30 267544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"OTM"=C:\Users\Jana\Desktop\OTM.exe [2015-09-11 522240]

C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-09-11 19:47:31 ----D---- C:\_OTM
2015-09-11 18:16:03 ----D---- C:\AdwCleaner
2015-09-11 14:39:17 ----D---- C:\SoftPaqDownloadDirectory
2015-09-11 14:38:49 ----D---- C:\HPSDM
2015-09-11 14:32:38 ----D---- C:\ProgramData\HP
2015-09-10 20:05:22 ----D---- C:\ProgramData\ESET
2015-09-09 13:11:28 ----A---- C:\windows\SYSWOW64\InkEd.dll
2015-09-09 13:11:28 ----A---- C:\windows\system32\InkEd.dll
2015-09-09 13:11:26 ----A---- C:\windows\system32\jnwmon.dll
2015-09-09 13:11:23 ----A---- C:\windows\system32\schedsvc.dll
2015-09-09 13:11:15 ----A---- C:\windows\SYSWOW64\tzres.dll
2015-09-09 13:11:15 ----A---- C:\windows\system32\tzres.dll
2015-09-09 13:10:43 ----A---- C:\windows\SYSWOW64\dwmcore.dll
2015-09-09 13:10:43 ----A---- C:\windows\SYSWOW64\dwmapi.dll
2015-09-09 13:10:43 ----A---- C:\windows\system32\dwmcore.dll
2015-09-09 13:10:43 ----A---- C:\windows\system32\dwmapi.dll
2015-09-09 13:10:39 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-09-09 13:10:39 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-09-09 13:10:39 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 13:10:39 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-09-09 13:10:39 ----A---- C:\windows\system32\ieetwcollector.exe
2015-09-09 13:10:38 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-09-09 13:10:38 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-09-09 13:10:38 ----A---- C:\windows\system32\iernonce.dll
2015-09-09 13:10:38 ----A---- C:\windows\system32\ie4uinit.exe
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 13:10:37 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-09-09 13:10:37 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 13:10:36 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-09-09 13:10:33 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-09-09 13:10:33 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-09-09 13:10:33 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-09-09 13:10:33 ----A---- C:\windows\system32\urlmon.dll
2015-09-09 13:10:33 ----A---- C:\windows\system32\iedkcs32.dll
2015-09-09 13:10:32 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-09-09 13:10:32 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-09-09 13:10:31 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-09-09 13:10:31 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-09-09 13:10:31 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-09-09 13:10:31 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-09-09 13:10:30 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-09-09 13:10:30 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-09-09 13:10:30 ----A---- C:\windows\system32\msfeeds.dll
2015-09-09 13:10:30 ----A---- C:\windows\system32\dxtrans.dll
2015-09-09 13:10:29 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-09-09 13:10:28 ----A---- C:\windows\system32\iesetup.dll
2015-09-09 13:10:28 ----A---- C:\windows\system32\ieapfltr.dll
2015-09-09 13:10:26 ----A---- C:\windows\system32\iertutil.dll
2015-09-09 13:10:24 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 13:10:24 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-09-09 13:10:24 ----A---- C:\windows\system32\vbscript.dll
2015-09-09 13:10:23 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-09-09 13:10:23 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-09-09 13:10:23 ----A---- C:\windows\system32\jsproxy.dll
2015-09-09 13:10:23 ----A---- C:\windows\system32\ieUnatt.exe
2015-09-09 13:10:22 ----A---- C:\windows\system32\dxtmsft.dll
2015-09-09 13:10:21 ----A---- C:\windows\system32\ieui.dll
2015-09-09 13:10:21 ----A---- C:\windows\system32\ieframe.dll
2015-09-09 13:10:20 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-09-09 13:10:20 ----A---- C:\windows\system32\mshtmled.dll
2015-09-09 13:10:19 ----A---- C:\windows\system32\jscript9diag.dll
2015-09-09 13:10:19 ----A---- C:\windows\system32\jscript9.dll
2015-09-09 13:10:19 ----A---- C:\windows\system32\jscript.dll
2015-09-09 13:10:18 ----A---- C:\windows\system32\wininet.dll
2015-09-09 13:10:17 ----A---- C:\windows\system32\MshtmlDac.dll
2015-09-09 13:10:16 ----A---- C:\windows\system32\msrating.dll
2015-09-09 13:10:15 ----A---- C:\windows\system32\mshtml.dll
2015-09-09 13:09:52 ----A---- C:\windows\system32\UtcResources.dll
2015-09-09 13:09:52 ----A---- C:\windows\system32\diagtrack.dll
2015-09-09 13:09:51 ----A---- C:\windows\system32\ntoskrnl.exe
2015-09-09 13:09:50 ----A---- C:\windows\system32\ntdll.dll
2015-09-09 13:09:50 ----A---- C:\windows\system32\kernel32.dll
2015-09-09 13:09:49 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-09-09 13:09:49 ----A---- C:\windows\system32\tdh.dll
2015-09-09 13:09:48 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 13:09:48 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-09-09 13:09:47 ----A---- C:\windows\SYSWOW64\tdh.dll
2015-09-09 13:09:47 ----A---- C:\windows\SYSWOW64\kernel32.dll
2015-09-09 13:09:47 ----A---- C:\windows\SYSWOW64\advapi32.dll
2015-09-09 13:09:47 ----A---- C:\windows\system32\lsasrv.dll
2015-09-09 13:09:47 ----A---- C:\windows\system32\KernelBase.dll
2015-09-09 13:09:47 ----A---- C:\windows\system32\advapi32.dll
2015-09-09 13:09:46 ----A---- C:\windows\system32\wow64.dll
2015-09-09 13:09:46 ----A---- C:\windows\system32\rstrui.exe
2015-09-09 13:09:46 ----A---- C:\windows\system32\rpcrt4.dll
2015-09-09 13:09:45 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-09-09 13:09:45 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-09-09 13:09:45 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\winsrv.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\wdigest.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\srcore.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\smss.exe
2015-09-09 13:09:45 ----A---- C:\windows\system32\schannel.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\msv1_0.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\kerberos.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\csrsrv.dll
2015-09-09 13:09:45 ----A---- C:\windows\system32\conhost.exe
2015-09-09 13:09:44 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-09-09 13:09:44 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-09-09 13:09:44 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-09-09 13:09:44 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2015-09-09 13:09:44 ----A---- C:\windows\system32\TSpkg.dll
2015-09-09 13:09:44 ----A---- C:\windows\system32\sspicli.dll
2015-09-09 13:09:44 ----A---- C:\windows\system32\ncrypt.dll
2015-09-09 13:09:44 ----A---- C:\windows\system32\lsass.exe
2015-09-09 13:09:44 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-09-09 13:09:44 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\setup16.exe
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2015-09-09 13:09:43 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-09-09 13:09:43 ----A---- C:\windows\system32\wow64win.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\sspisrv.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\srclient.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\secur32.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\ntvdm64.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\cryptbase.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\credssp.dll
2015-09-09 13:09:43 ----A---- C:\windows\system32\auditpol.exe
2015-09-09 13:09:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 13:09:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 13:09:42 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 13:09:42 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 13:09:42 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 13:09:42 ----A---- C:\windows\SYSWOW64\wow32.dll
2015-09-09 13:09:42 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-09-09 13:09:42 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2015-09-09 13:09:42 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-09-09 13:09:42 ----A---- C:\windows\system32\wow64cpu.dll
2015-09-09 13:09:42 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2015-09-09 13:09:42 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2015-09-09 13:09:42 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 13:09:41 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 13:09:40 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 13:09:40 ----A---- C:\windows\SYSWOW64\instnm.exe
2015-09-09 13:09:40 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2015-09-09 13:09:40 ----A---- C:\windows\system32\apisetschema.dll
2015-09-09 13:09:39 ----A---- C:\windows\SYSWOW64\user.exe
2015-09-09 13:09:39 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-09-09 13:09:39 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-09-09 13:09:39 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-09-09 13:09:39 ----A---- C:\windows\system32\msobjs.dll
2015-09-09 13:09:39 ----A---- C:\windows\system32\msaudite.dll
2015-09-09 13:09:39 ----A---- C:\windows\system32\adtschema.dll
2015-09-09 13:08:28 ----A---- C:\windows\SYSWOW64\authui.dll
2015-09-09 13:08:28 ----A---- C:\windows\system32\consent.exe
2015-09-09 13:08:28 ----A---- C:\windows\system32\authui.dll
2015-09-09 13:08:27 ----A---- C:\windows\system32\appinfo.dll
2015-09-09 13:08:01 ----A---- C:\windows\system32\msxml6.dll
2015-09-09 13:08:01 ----A---- C:\windows\system32\msxml3.dll
2015-09-09 13:08:00 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2015-09-09 13:08:00 ----A---- C:\windows\SYSWOW64\msxml6.dll
2015-09-09 13:08:00 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2015-09-09 13:08:00 ----A---- C:\windows\SYSWOW64\msxml3.dll
2015-09-09 13:08:00 ----A---- C:\windows\system32\msxml6r.dll
2015-09-09 13:08:00 ----A---- C:\windows\system32\msxml3r.dll
2015-09-09 13:07:40 ----A---- C:\windows\system32\appidpolicyconverter.exe
2015-09-09 13:07:39 ----A---- C:\windows\SYSWOW64\appidapi.dll
2015-09-09 13:07:39 ----A---- C:\windows\system32\appidsvc.dll
2015-09-09 13:07:39 ----A---- C:\windows\system32\appidapi.dll
2015-09-09 13:07:36 ----A---- C:\windows\system32\setbcdlocale.dll
2015-09-09 13:07:36 ----A---- C:\windows\system32\appidcertstorecheck.exe
2015-09-09 13:07:35 ----A---- C:\windows\system32\drivers\appid.sys
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\lpk.dll
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\fontsub.dll
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\dciman32.dll
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\atmlib.dll
2015-09-09 13:06:45 ----A---- C:\windows\SYSWOW64\atmfd.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\win32k.sys
2015-09-09 13:06:45 ----A---- C:\windows\system32\lpk.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\fontsub.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\dciman32.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\atmlib.dll
2015-09-09 13:06:45 ----A---- C:\windows\system32\atmfd.dll
2015-09-09 13:06:40 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-09-09 13:06:40 ----A---- C:\windows\system32\wucltux.dll
2015-09-09 13:06:40 ----A---- C:\windows\system32\wuaueng.dll
2015-09-09 13:06:39 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-09-09 13:06:39 ----A---- C:\windows\SYSWOW64\wups.dll
2015-09-09 13:06:39 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-09-09 13:06:39 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-09-09 13:06:39 ----A---- C:\windows\system32\wuwebv.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wups2.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wups.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wudriver.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wuauclt.exe
2015-09-09 13:06:39 ----A---- C:\windows\system32\wuapp.exe
2015-09-09 13:06:39 ----A---- C:\windows\system32\wuapi.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-09-09 13:06:39 ----A---- C:\windows\system32\WinSetupUI.dll
2015-08-13 14:34:30 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 14:34:30 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 16:28:55 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe
2015-08-12 14:59:21 ----D---- C:\Users\Tom\AppData\Roaming\WildTangent
2015-08-12 14:59:17 ----A---- C:\windows\system32\invagent.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\generaltel.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\devinv.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\appraiser.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\aeinv.dll
2015-08-12 14:59:17 ----A---- C:\windows\system32\acmigration.dll
2015-08-12 14:59:15 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-08-12 14:59:15 ----A---- C:\windows\system32\aepdu.dll
2015-08-12 14:55:51 ----A---- C:\windows\system32\sysmain.dll
2015-08-12 14:55:48 ----A---- C:\windows\system32\drivers\mountmgr.sys
2015-08-12 14:55:40 ----A---- C:\windows\system32\msmmsp.dll
2015-08-12 14:53:01 ----A---- C:\windows\system32\basesrv.dll
2015-08-12 14:49:00 ----A---- C:\windows\SYSWOW64\WebClnt.dll
2015-08-12 14:49:00 ----A---- C:\windows\SYSWOW64\davclnt.dll
2015-08-12 14:49:00 ----A---- C:\windows\system32\WebClnt.dll
2015-08-12 14:49:00 ----A---- C:\windows\system32\davclnt.dll
2015-08-12 14:48:50 ----A---- C:\windows\SYSWOW64\DWrite.dll
2015-08-12 14:48:50 ----A---- C:\windows\system32\FntCache.dll
2015-08-12 14:48:50 ----A---- C:\windows\system32\DWrite.dll
2015-08-12 14:48:46 ----A---- C:\windows\system32\d3d10warp.dll
2015-08-12 14:48:45 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2015-08-12 14:48:41 ----A---- C:\windows\SYSWOW64\notepad.exe
2015-08-12 14:48:41 ----A---- C:\windows\system32\notepad.exe
2015-08-12 14:48:41 ----A---- C:\windows\notepad.exe
2015-08-12 14:48:39 ----A---- C:\windows\SYSWOW64\mstscax.dll
2015-08-12 14:48:39 ----A---- C:\windows\system32\mstscax.dll
2015-08-12 14:48:38 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2015-08-12 14:48:38 ----A---- C:\windows\SYSWOW64\aaclient.dll
2015-08-12 14:48:38 ----A---- C:\windows\system32\tsgqec.dll
2015-08-12 14:48:38 ----A---- C:\windows\system32\aaclient.dll
2015-08-12 14:48:34 ----A---- C:\windows\system32\shell32.dll
2015-08-12 14:48:33 ----A---- C:\windows\SYSWOW64\shell32.dll
2015-08-12 14:48:09 ----A---- C:\windows\system32\mcupdate_GenuineIntel.dll

======List of files/folders modified in the last 1 month======

2015-09-11 19:55:36 ----D---- C:\Program Files\trend micro
2015-09-11 19:55:34 ----D---- C:\windows\Temp
2015-09-11 19:53:32 ----D---- C:\windows\system32\config
2015-09-11 19:53:17 ----D---- C:\ProgramData\PDFC
2015-09-11 19:47:40 ----D---- C:\windows\Tasks
2015-09-11 19:47:39 ----RD---- C:\Program Files (x86)\Skype
2015-09-11 18:22:10 ----D---- C:\ProgramData
2015-09-11 15:29:34 ----D---- C:\windows\Microsoft.NET
2015-09-11 15:29:28 ----RSD---- C:\windows\assembly
2015-09-11 14:38:38 ----SHD---- C:\windows\Installer
2015-09-11 14:37:45 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-09-11 14:35:34 ----SHD---- C:\System Volume Information
2015-09-11 14:33:43 ----D---- C:\swsetup
2015-09-11 14:32:33 ----D---- C:\windows\System32
2015-09-11 14:32:33 ----D---- C:\windows\inf
2015-09-11 14:32:33 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-09-10 20:55:59 ----D---- C:\windows\SYSWOW64\en-US
2015-09-10 20:55:59 ----D---- C:\windows\SysWOW64
2015-09-10 20:55:59 ----D---- C:\windows\ehome
2015-09-10 20:55:59 ----D---- C:\Program Files\Windows Journal
2015-09-10 20:55:58 ----D---- C:\windows\system32\en-US
2015-09-10 20:55:58 ----D---- C:\Program Files\Internet Explorer
2015-09-10 20:55:55 ----D---- C:\windows\PolicyDefinitions
2015-09-10 20:55:53 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-10 20:55:48 ----D---- C:\windows\system32\drivers
2015-09-10 20:55:48 ----D---- C:\windows\AppPatch
2015-09-10 20:55:45 ----D---- C:\windows\system32\Boot
2015-09-10 20:52:49 ----D---- C:\windows\winsxs
2015-09-10 20:07:05 ----D---- C:\windows\system32\DriverStore
2015-09-10 13:56:13 ----D---- C:\windows\system32\MRT
2015-09-09 13:06:08 ----D---- C:\windows\system32\catroot2
2015-09-07 19:05:36 ----D---- C:\windows\Panther
2015-09-07 18:56:35 ----HD---- C:\$Windows.~BT
2015-09-07 13:25:50 ----D---- C:\boot
2015-09-07 11:42:42 ----D---- C:\windows\Logs
2015-08-31 22:43:12 ----D---- C:\windows\Prefetch
2015-08-27 18:27:38 ----RD---- C:\Program Files (x86)
2015-08-26 18:37:02 ----A---- C:\windows\system32\MRT.exe
2015-08-21 23:18:37 ----D---- C:\Program Files (x86)\Notepad++
2015-08-18 21:01:28 ----D---- C:\windows\system32\Tasks
2015-08-18 21:01:28 ----D---- C:\Program Files (x86)\Opera
2015-08-15 15:20:21 ----D---- C:\windows\rescache
2015-08-15 08:28:50 ----SD---- C:\windows\system32\CompatTel
2015-08-15 08:28:48 ----D---- C:\windows\system32\appraiser
2015-08-13 14:58:58 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-13 14:58:57 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 14:55:00 ----D---- C:\windows\system32\drivers\en-US
2015-08-13 14:54:50 ----D---- C:\Windows
2015-08-12 22:25:34 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2013-08-04 82600]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2013-08-04 42664]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2015-07-14 72400]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2015-07-14 255240]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-07-14 178520]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2015-07-14 53360]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2015-07-14 231520]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\amdhub30.sys [2013-06-26 107688]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-10-25 10207744]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-10-25 317952]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\amdxhc.sys [2013-06-26 228008]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2012-09-14 33944]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2011-05-14 25912]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2013-01-30 175928]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2013-01-30 708200]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2012-12-19 1064184]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-09-20 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2015-02-19 524016]
R3 usbfilter;AMD USB Filter Driver; C:\windows\system32\DRIVERS\usbfilter.sys [2014-11-14 58536]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2012-09-14 88728]
S3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM; C:\windows\System32\Drivers\AthDfu.sys [2012-08-19 55448]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2012-09-14 344216]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2012-09-14 114840]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2012-09-14 178840]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2012-09-14 77464]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2012-09-14 135832]
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2012-09-14 575128]
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-12-15 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-10 64312]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Users\Tom\AppData\Local\Temp\EverestDriver.sys []
S3 hidkmdf;KMDF Driver; C:\windows\system32\DRIVERS\hidkmdf.sys [2012-10-12 13728]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WacHidRouter;Wacom Hid Router; C:\windows\system32\DRIVERS\wachidrouter.sys [2012-10-12 81312]
S3 wacommousefilter;Wacom Mouse Filter Driver; C:\windows\system32\DRIVERS\wacommousefilter.sys []
S3 wacomrouterfilter;Wacom Router Filter Driver; C:\windows\system32\DRIVERS\wacomrouterfilter.sys [2012-10-12 15776]
S3 wacomvhid;Wacom Virtual Hid Driver; C:\windows\system32\DRIVERS\wacomvhid.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-10-25 204288]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-09-14 216192]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-11-10 486224]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-07-15 137272]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-03-23 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-05-10 320512]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2012-06-20 523680]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-09-24 31040]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-08-11 1128952]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 RtlISMServ;RtlISMServ; C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [2011-05-30 40960]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-20 323072]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-03-24 3161904]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2013-01-08 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-09-05 476728]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-09-30 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-13 136120]
S3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-09-05 1420192]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-06 148136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-08-28 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118248
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log. Thank you!

#8 Post by Rudy »

One log is enough. :) Double-click the file C:\Program Files\trend micro\Tom.exe to start HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

iwiboy
Exemplary visitor
Posts: 208
Registered: 03 Jul 2006 18:07

Re: Please check my log. Thank you!

#9 Post by iwiboy »

Thank you! I can say for certain that like this, with the Chrome browser running (and I did not start anything else after the restart), the system takes just under 2 GB of memory; before, it was over 3.5 GB.

Rudy
Site Admin
Posts: 118248
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log. Thank you!

#10 Post by Rudy »

So everything is OK?

iwiboy
Exemplary visitor
Posts: 208
Registered: 03 Jul 2006 18:07

Re: Please check my log. Thank you!

#11 Post by iwiboy »

In my opinion, OK. Only now the system is again taking 2.8 GB of RAM according to Task Manager.

Rudy
Site Admin
Posts: 118248
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log. Thank you!

#12 Post by Rudy »

Then let's also run MBAM: http://www.malwarebytes.org/mbam.php . Post the log; do not delete anything beforehand.

iwiboy
Exemplary visitor
Posts: 208
Registered: 03 Jul 2006 18:07

Re: Please check my log. Thank you!

#13 Post by iwiboy »

Thanks!

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 12.9.2015
Čas skenování: 7:34
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.12.01
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Tom

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 426174
Uplynulý čas: 41 min, 18 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Rudy
Site Admin
Posts: 118248
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log. Thank you!

#14 Post by Rudy »

As far as malware is concerned, OK. As a test, reinstall the antivirus.

iwiboy
Exemplary visitor
Posts: 208
Registered: 03 Jul 2006 18:07

Re: Please check my log. Thank you!

#15 Post by iwiboy »

What if it is down to the antivirus? Then I could try that. Thanks for now!
