Problemy se sítí
Napsal: 29 kvě 2014 08:20
Prosim o kontrolu logu, v utery jsem zaznamenal problemy s chatem na webmailu od google, nechtel se pripojit i kdyz na jinem pc bezel. Po restartu uz mi nesla ani stranka mail.google.com. Projel jsem nasledne PC nod32, ktery nenasel nic a spybot take nic kritickeho nedetekoval. Vcera se mi parkrat stalo ze vypadlo spojeni na internet, byl jsem schopen pingnout jen lokalni zarizeni i kdyz vsem ostatnim internet bezel, pomohlo prepojeni na wifi nebo reset sitoveho pripojeni.
Diky.
S.
Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2014-05-29 09:04:05
Microsoft Windows 8.1 Pro
System drive C: has 7 GB (11%) free of 60 GB
Total RAM: 8106 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:04:11, on 29. 5. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17037)
Boot mode: Normal
Running processes:
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [TrueCrypt] "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon /a favorites
O4 - HKCU\..\Run: [HP Officejet Pro 8500 A910 (NET)] "C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" -deviceID "CN08JBM0XQ:NW" -scfn "HP Officejet Pro 8500 A910 (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: vpngui.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = domena.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = domena.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = domena2.local,domena2.local,domena.local,.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = domena2.local,domena2.local,domena.local,.
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem51.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11645 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
dashost.exe {94e68946-efb5-49aa-88ec2f2d61df4b34}
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-399fe034-9769-4c1e-bce8-41ac4eccaf79 -SystemEventPortName:HostProcess-4aee653c-2f6b-4fa7-b542-e30691670ad4 -IoCancelEventPortName:HostProcess-48829f6d-f336-4d2d-a5f7-91eb13d8790c -NonStateChangingEventPortName:HostProcess-84cfa397-05c6-4770-ac32-dd5f0ec67db9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:28c138e1-97fb-413b-8b5d-085826c5f8e4 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-23f0b6b5-db29-447e-b92f-80f914595f51 -SystemEventPortName:HostProcess-b4e2c80f-3b54-47fc-972c-a8dfc5999591 -IoCancelEventPortName:HostProcess-979e06e0-9343-4d3d-b77d-ab3ce16036eb -NonStateChangingEventPortName:HostProcess-2e62c632-8418-4226-b83e-6c6fa3b7cc28 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:57993665-cf20-4053-acca-7fb1969ee089 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2a386be2-ce0d-4a21-a734-6f3bdabbf003 -SystemEventPortName:HostProcess-dc693eda-dd70-4472-a8ac-e11785f64f0e -IoCancelEventPortName:HostProcess-ffc5184c-7726-4471-80e5-9b69b007601f -NonStateChangingEventPortName:HostProcess-6a03d5a2-5077-4452-ba3e-25bbaf671a2a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4fd367b4-173b-4277-980f-f1ca0400d10a -DeviceGroupId:
winlogon.exe
"dwm.exe"
taskhostex.exe
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon /a favorites
"C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" -deviceID "CN08JBM0XQ:NW" -scfn "HP Officejet Pro 8500 A910 (NET)" -AutoStart 1
"C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
taskeng.exe {DFB38BAD-BF14-4BCD-B46D-B4CE59B4470B}
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1760.0.206250824\1900103417" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE"
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1760.5.1705853410\2004158708" /prefetch:673131151
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1760.7.1333736384\1958055698" /prefetch:673131151
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1760.9.1398828768\1695542613" /prefetch:673131151
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1760.11.954498987\1997571921" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1760.12.977683831\380172021" --ppapi-flash-args --lang=en-US --ignored=" --type=renderer " /prefetch:-632637702
"C:\totalcmd\TOTALCMD64.EXE"
taskeng.exe {DD8826C6-A677-4EB2-9B21-16B068F69AA3}
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
"C:\Users\user\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3573096250-3221339822-3781339408-2138Core.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3573096250-3221339822-3781339408-2138UA.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-04-25 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-04-08 2333400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-04-25 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-02-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-04-08 1728216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-02-14 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-30 171992]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-30 399832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-30 442328]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [2014-03-04 74288]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"=C:\Program Files\TrueCrypt\TrueCrypt.exe [2014-02-13 1516496]
"HP Officejet Pro 8500 A910 (NET)"=C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-15 116648]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2013-07-19 703888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-04-25 4101584]
[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\GIGABYTE\vivoTVScheduleAgent.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
vpngui.exe.lnk - C:\WINDOWS\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-30 442880]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-05-29 09:04:06 ----D---- C:\Program Files\trend micro
2014-05-29 09:04:05 ----D---- C:\rsit
2014-05-28 17:53:01 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-05-28 17:53:01 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-05-28 17:53:00 ----A---- C:\WINDOWS\system32\twinui.dll
2014-05-28 17:52:59 ----A---- C:\WINDOWS\system32\shell32.dll
2014-05-28 17:52:58 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-05-28 17:52:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-05-28 17:52:56 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-05-28 17:52:55 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-05-28 17:52:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2014-05-28 17:52:53 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-05-28 17:52:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-05-28 17:52:52 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\gpsvc.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\win32k.sys
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\localspl.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\winmde.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\mfsvr.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\gpprefcl.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\SYSWOW64\gpprefcl.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\XpsGdiConverter.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\wmpmde.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\services.exe
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\XpsGdiConverter.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\srvsvc.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\MDEServer.exe
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-05-28 17:52:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\rdpencom.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\VSSVC.exe
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\swprv.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\resutils.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\ploptin.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\gpapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\dwmapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\defragsvc.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\wscsvc.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\wintrust.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\srcore.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\rpchttp.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\propsys.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfps.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfpmp.exe
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfplat.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mf.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\energyprov.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\clusapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\srclient.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlansvc.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlansec.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanapi.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\tsgqec.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\tlscsp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\srclient.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\rstrui.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\mispace.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-05-28 17:48:09 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2014-05-27 16:43:16 ----A---- C:\WINDOWS\system32\sdnclean64.exe
2014-05-27 16:43:10 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-05-27 16:42:52 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-27 13:21:20 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-27 13:09:15 ----D---- C:\Program Files\CCleaner
2014-05-27 12:15:57 ----D---- C:\ProgramData\ESET
2014-05-27 12:15:57 ----D---- C:\Program Files\ESET
2014-05-24 16:09:25 ----D---- C:\Users\user\AppData\Roaming\KWorld Multimedia
2014-05-24 16:00:42 ----D---- C:\Program Files (x86)\GIGABYTE
2014-05-24 15:59:48 ----A---- C:\WINDOWS\SYSWOW64\RTKISDBTSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\SuperFrameSplitter.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTL283XACCESS.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKISDBT.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKFMSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKFM.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDABSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDABMWare.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDAB.dll
2014-05-24 15:59:42 ----D---- C:\WINDOWS\RTL
2014-05-22 19:04:10 ----D---- C:\Users\user\AppData\Roaming\Mozilla
2014-05-17 10:23:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-05-14 15:14:52 ----A---- C:\WINDOWS\SYSWOW64\wusa.exe
2014-05-14 15:14:52 ----A---- C:\WINDOWS\system32\wusa.exe
2014-05-14 15:14:49 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-05-14 15:14:48 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-05-14 15:14:47 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-05-14 15:14:18 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-05-14 15:14:18 ----A---- C:\WINDOWS\system32\storewuauth.dll
2014-05-14 15:14:16 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-05-14 15:14:14 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\ubpm.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wups.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 15:14:03 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-05-14 15:14:03 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-05-14 15:14:02 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-05-14 15:14:01 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\SYSWOW64\mrt100.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\SYSWOW64\mrt_map.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\system32\mrt100.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\system32\mrt_map.dll
2014-05-11 17:59:49 ----D---- C:\Program Files (x86)\Technitium
2014-05-05 08:54:06 ----D---- C:\Users\user\AppData\Roaming\VitySoft
2014-04-30 19:46:10 ----D---- C:\Users\user\AppData\Roaming\pdfforge
2014-04-30 19:46:04 ----A---- C:\WINDOWS\system32\pdfcmon.dll
2014-04-30 19:46:02 ----D---- C:\Program Files (x86)\PDFCreator
2014-04-30 19:46:02 ----A---- C:\WINDOWS\SYSWOW64\MSMPIDE.DLL
======List of files/folders modified in the last 1 month======
2014-05-29 09:04:06 ----RD---- C:\Program Files
2014-05-29 09:03:45 ----D---- C:\WINDOWS\Temp
2014-05-29 09:03:13 ----HD---- C:\Program Files\WindowsApps
2014-05-29 09:02:01 ----D---- C:\WINDOWS\system32\sru
2014-05-29 08:58:34 ----D---- C:\WINDOWS\Prefetch
2014-05-29 08:57:55 ----RD---- C:\WINDOWS\System32
2014-05-29 08:57:55 ----D---- C:\WINDOWS\Inf
2014-05-29 08:57:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-29 08:56:16 ----D---- C:\WINDOWS\AppReadiness
2014-05-28 18:05:05 ----HD---- C:\ProgramData
2014-05-28 18:05:03 ----D---- C:\WINDOWS\system32\config
2014-05-28 18:05:03 ----D---- C:\Windows
2014-05-28 18:05:02 ----D---- C:\WINDOWS\Microsoft.NET
2014-05-28 18:04:59 ----D---- C:\WINDOWS\WinSxS
2014-05-28 18:03:59 ----D---- C:\WINDOWS\system32\drivers
2014-05-28 18:01:51 ----RD---- C:\WINDOWS\ToastData
2014-05-28 18:01:51 ----D---- C:\WINDOWS\SysWOW64
2014-05-28 18:01:50 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\oobe
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\drivers\en-US
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2014-05-28 18:01:47 ----D---- C:\WINDOWS\system32\DriverStore
2014-05-28 17:57:33 ----D---- C:\WINDOWS\CbsTemp
2014-05-28 17:48:53 ----D---- C:\WINDOWS\system32\catroot2
2014-05-28 17:24:43 ----D---- C:\WINDOWS\system32\drivers\etc
2014-05-28 15:28:58 ----D---- C:\Users\user\AppData\Roaming\Skype
2014-05-28 14:13:27 ----SHD---- C:\WINDOWS\Installer
2014-05-28 14:13:27 ----SHD---- C:\Config.Msi
2014-05-28 14:13:17 ----SHD---- C:\System Volume Information
2014-05-28 13:11:33 ----RSD---- C:\WINDOWS\assembly
2014-05-28 10:28:47 ----D---- C:\WINDOWS\system32\FxsTmp
2014-05-28 09:28:33 ----D---- C:\WINDOWS\Logs
2014-05-28 09:16:03 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-05-27 16:43:39 ----D---- C:\WINDOWS\system32\Tasks
2014-05-27 16:43:32 ----SD---- C:\ProgramData\Microsoft
2014-05-27 16:42:52 ----RD---- C:\Program Files (x86)
2014-05-27 16:22:34 ----D---- C:\WINDOWS\system32\wdi
2014-05-27 16:19:46 ----D---- C:\WINDOWS\SoftwareDistribution
2014-05-27 13:14:51 ----DC---- C:\WINDOWS\Panther
2014-05-27 13:14:51 ----D---- C:\WINDOWS\Minidump
2014-05-27 13:14:51 ----D---- C:\WINDOWS\debug
2014-05-27 11:39:40 ----D---- C:\Users\user\AppData\Roaming\Dropbox
2014-05-24 23:47:42 ----D---- C:\Users\user\AppData\Roaming\vlc
2014-05-24 16:00:42 ----RSD---- C:\WINDOWS\Fonts
2014-05-24 15:59:44 ----D---- C:\WINDOWS\system32\catroot
2014-05-18 14:36:26 ----D---- C:\WINDOWS\rescache
2014-05-17 12:28:09 ----D---- C:\ProgramData\Microsoft Help
2014-05-17 00:22:48 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2014-05-17 00:22:47 ----D---- C:\Program Files\Windows Defender
2014-05-17 00:22:47 ----D---- C:\Program Files (x86)\Windows Defender
2014-05-17 00:22:46 ----D---- C:\WINDOWS\WinStore
2014-05-17 00:22:46 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-05-17 00:22:46 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-05-17 00:22:46 ----D---- C:\WINDOWS\system32\cs-CZ
2014-05-17 00:22:45 ----D---- C:\WINDOWS\system32\en-US
2014-05-17 00:22:44 ----D---- C:\WINDOWS\apppatch
2014-05-15 09:28:06 ----D---- C:\WINDOWS\system32\MRT
2014-05-15 09:26:54 ----A---- C:\WINDOWS\system32\MRT.exe
2014-05-15 09:17:48 ----A---- C:\WINDOWS\win.ini
2014-05-09 17:45:50 ----D---- C:\WINDOWS\system32\NDF
2014-05-07 09:41:39 ----D---- C:\Users\user\AppData\Roaming\VMware
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2013-09-17 239296]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwr64v.sys [2014-03-07 20736]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2014-02-13 231376]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\drivers\hcmon.sys [2012-07-06 47768]
R3 CnxtHdAudService;@oem52.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2011-03-24 1576064]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]
R3 dc3d;@oem26.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys [2011-05-18 47616]
R3 DNE;@oem29.inf,%DneMP_Desc%;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-30 5363200]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem20.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;@netwsw00.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwsw00.sys [2013-06-18 11518976]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2013-08-22 11776]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-04-24 460528]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 acsock;acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [2013-07-19 112080]
S3 androidusb;@oem24.inf,%SAMSUNG.Adb.SvcDesc%;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\WINDOWS\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 FTDIBUS;@oem33.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2013-05-08 76648]
S3 FTSER2K;@oem34.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2013-05-08 85864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 RSPCIESTOR;@oem19.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2011-05-04 338536]
S3 RTL2832UBDA;@oem42.inf,%RTLUSBDEV.BDA_Desc%;REALTEK 2832U BDA Driver; C:\WINDOWS\system32\drivers\RTL2832UBDA.sys [2014-05-24 237968]
S3 RTL2832UUSB;@oem42.inf,%RTLUSBDEV.USB_Desc%;REALTEK 2832U USB Driver; C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys [2014-05-24 39056]
S3 ssadbus;@oem23.inf,%SAMSUNG.Service.Desc%;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\System32\drivers\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;@oem27.inf,%Samsung.Filter.Name%;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;@oem27.inf,%Samsung.Service.Name%;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;@oem28.inf,%Samsung.Service.Name%;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-22 33280]
S3 vpnva;@oem2.inf,%VPNVA64_Desc%;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64; C:\WINDOWS\system32\DRIVERS\vpnva64-6.sys [2013-07-19 52080]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-02-13 43696]
R2 IBMPMSVC;@oem51.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-03-10 2085184]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2013-12-11 468288]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-02 4972864]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-07-06 856728]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2013-07-19 557968]
R3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2014-03-07 1669976]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-14 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-03-04 573488]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-14 116648]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2014-03-04 512048]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2014-03-04 527920]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-03-04 702512]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-04-25 1738200]
S3 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-04-25 2081752]
S3 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-02-21 24120]
-----------------EOF-----------------
Diky.
S.
Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2014-05-29 09:04:05
Microsoft Windows 8.1 Pro
System drive C: has 7 GB (11%) free of 60 GB
Total RAM: 8106 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:04:11, on 29. 5. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17037)
Boot mode: Normal
Running processes:
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [TrueCrypt] "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon /a favorites
O4 - HKCU\..\Run: [HP Officejet Pro 8500 A910 (NET)] "C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" -deviceID "CN08JBM0XQ:NW" -scfn "HP Officejet Pro 8500 A910 (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: vpngui.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = domena.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = domena.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = domena2.local,domena2.local,domena.local,.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = domena2.local,domena2.local,domena.local,.
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem51.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11645 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
dashost.exe {94e68946-efb5-49aa-88ec2f2d61df4b34}
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-399fe034-9769-4c1e-bce8-41ac4eccaf79 -SystemEventPortName:HostProcess-4aee653c-2f6b-4fa7-b542-e30691670ad4 -IoCancelEventPortName:HostProcess-48829f6d-f336-4d2d-a5f7-91eb13d8790c -NonStateChangingEventPortName:HostProcess-84cfa397-05c6-4770-ac32-dd5f0ec67db9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:28c138e1-97fb-413b-8b5d-085826c5f8e4 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-23f0b6b5-db29-447e-b92f-80f914595f51 -SystemEventPortName:HostProcess-b4e2c80f-3b54-47fc-972c-a8dfc5999591 -IoCancelEventPortName:HostProcess-979e06e0-9343-4d3d-b77d-ab3ce16036eb -NonStateChangingEventPortName:HostProcess-2e62c632-8418-4226-b83e-6c6fa3b7cc28 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:57993665-cf20-4053-acca-7fb1969ee089 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2a386be2-ce0d-4a21-a734-6f3bdabbf003 -SystemEventPortName:HostProcess-dc693eda-dd70-4472-a8ac-e11785f64f0e -IoCancelEventPortName:HostProcess-ffc5184c-7726-4471-80e5-9b69b007601f -NonStateChangingEventPortName:HostProcess-6a03d5a2-5077-4452-ba3e-25bbaf671a2a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4fd367b4-173b-4277-980f-f1ca0400d10a -DeviceGroupId:
winlogon.exe
"dwm.exe"
taskhostex.exe
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon /a favorites
"C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" -deviceID "CN08JBM0XQ:NW" -scfn "HP Officejet Pro 8500 A910 (NET)" -AutoStart 1
"C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
taskeng.exe {DFB38BAD-BF14-4BCD-B46D-B4CE59B4470B}
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1760.0.206250824\1900103417" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE"
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1760.5.1705853410\2004158708" /prefetch:673131151
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1760.7.1333736384\1958055698" /prefetch:673131151
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1760.9.1398828768\1695542613" /prefetch:673131151
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1760.11.954498987\1997571921" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1760.12.977683831\380172021" --ppapi-flash-args --lang=en-US --ignored=" --type=renderer " /prefetch:-632637702
"C:\totalcmd\TOTALCMD64.EXE"
taskeng.exe {DD8826C6-A677-4EB2-9B21-16B068F69AA3}
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
"C:\Users\user\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3573096250-3221339822-3781339408-2138Core.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3573096250-3221339822-3781339408-2138UA.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-04-25 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-04-08 2333400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-04-25 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-02-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-04-08 1728216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-02-14 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-30 171992]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-30 399832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-30 442328]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [2014-03-04 74288]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"=C:\Program Files\TrueCrypt\TrueCrypt.exe [2014-02-13 1516496]
"HP Officejet Pro 8500 A910 (NET)"=C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-15 116648]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2013-07-19 703888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-04-25 4101584]
[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\GIGABYTE\vivoTVScheduleAgent.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
vpngui.exe.lnk - C:\WINDOWS\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-30 442880]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-05-29 09:04:06 ----D---- C:\Program Files\trend micro
2014-05-29 09:04:05 ----D---- C:\rsit
2014-05-28 17:53:01 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-05-28 17:53:01 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-05-28 17:53:00 ----A---- C:\WINDOWS\system32\twinui.dll
2014-05-28 17:52:59 ----A---- C:\WINDOWS\system32\shell32.dll
2014-05-28 17:52:58 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-05-28 17:52:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-05-28 17:52:56 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-05-28 17:52:55 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-05-28 17:52:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2014-05-28 17:52:53 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-05-28 17:52:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-05-28 17:52:52 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\gpsvc.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\win32k.sys
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\localspl.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\winmde.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\mfsvr.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\gpprefcl.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\SYSWOW64\gpprefcl.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\XpsGdiConverter.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\wmpmde.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\services.exe
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\XpsGdiConverter.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\srvsvc.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\MDEServer.exe
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-05-28 17:52:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\rdpencom.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\VSSVC.exe
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\swprv.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\resutils.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\ploptin.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\gpapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\dwmapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\defragsvc.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\wscsvc.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\wintrust.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\srcore.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\rpchttp.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\propsys.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfps.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfpmp.exe
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfplat.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mf.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\energyprov.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\clusapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\srclient.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlansvc.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlansec.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanapi.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\tsgqec.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\tlscsp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\srclient.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\rstrui.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\mispace.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-05-28 17:48:09 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2014-05-27 16:43:16 ----A---- C:\WINDOWS\system32\sdnclean64.exe
2014-05-27 16:43:10 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-05-27 16:42:52 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-27 13:21:20 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-27 13:09:15 ----D---- C:\Program Files\CCleaner
2014-05-27 12:15:57 ----D---- C:\ProgramData\ESET
2014-05-27 12:15:57 ----D---- C:\Program Files\ESET
2014-05-24 16:09:25 ----D---- C:\Users\user\AppData\Roaming\KWorld Multimedia
2014-05-24 16:00:42 ----D---- C:\Program Files (x86)\GIGABYTE
2014-05-24 15:59:48 ----A---- C:\WINDOWS\SYSWOW64\RTKISDBTSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\SuperFrameSplitter.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTL283XACCESS.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKISDBT.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKFMSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKFM.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDABSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDABMWare.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDAB.dll
2014-05-24 15:59:42 ----D---- C:\WINDOWS\RTL
2014-05-22 19:04:10 ----D---- C:\Users\user\AppData\Roaming\Mozilla
2014-05-17 10:23:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-05-14 15:14:52 ----A---- C:\WINDOWS\SYSWOW64\wusa.exe
2014-05-14 15:14:52 ----A---- C:\WINDOWS\system32\wusa.exe
2014-05-14 15:14:49 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-05-14 15:14:48 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-05-14 15:14:47 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-05-14 15:14:18 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-05-14 15:14:18 ----A---- C:\WINDOWS\system32\storewuauth.dll
2014-05-14 15:14:16 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-05-14 15:14:14 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\ubpm.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wups.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 15:14:03 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-05-14 15:14:03 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-05-14 15:14:02 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-05-14 15:14:01 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\SYSWOW64\mrt100.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\SYSWOW64\mrt_map.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\system32\mrt100.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\system32\mrt_map.dll
2014-05-11 17:59:49 ----D---- C:\Program Files (x86)\Technitium
2014-05-05 08:54:06 ----D---- C:\Users\user\AppData\Roaming\VitySoft
2014-04-30 19:46:10 ----D---- C:\Users\user\AppData\Roaming\pdfforge
2014-04-30 19:46:04 ----A---- C:\WINDOWS\system32\pdfcmon.dll
2014-04-30 19:46:02 ----D---- C:\Program Files (x86)\PDFCreator
2014-04-30 19:46:02 ----A---- C:\WINDOWS\SYSWOW64\MSMPIDE.DLL
======List of files/folders modified in the last 1 month======
2014-05-29 09:04:06 ----RD---- C:\Program Files
2014-05-29 09:03:45 ----D---- C:\WINDOWS\Temp
2014-05-29 09:03:13 ----HD---- C:\Program Files\WindowsApps
2014-05-29 09:02:01 ----D---- C:\WINDOWS\system32\sru
2014-05-29 08:58:34 ----D---- C:\WINDOWS\Prefetch
2014-05-29 08:57:55 ----RD---- C:\WINDOWS\System32
2014-05-29 08:57:55 ----D---- C:\WINDOWS\Inf
2014-05-29 08:57:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-29 08:56:16 ----D---- C:\WINDOWS\AppReadiness
2014-05-28 18:05:05 ----HD---- C:\ProgramData
2014-05-28 18:05:03 ----D---- C:\WINDOWS\system32\config
2014-05-28 18:05:03 ----D---- C:\Windows
2014-05-28 18:05:02 ----D---- C:\WINDOWS\Microsoft.NET
2014-05-28 18:04:59 ----D---- C:\WINDOWS\WinSxS
2014-05-28 18:03:59 ----D---- C:\WINDOWS\system32\drivers
2014-05-28 18:01:51 ----RD---- C:\WINDOWS\ToastData
2014-05-28 18:01:51 ----D---- C:\WINDOWS\SysWOW64
2014-05-28 18:01:50 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\oobe
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\drivers\en-US
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2014-05-28 18:01:47 ----D---- C:\WINDOWS\system32\DriverStore
2014-05-28 17:57:33 ----D---- C:\WINDOWS\CbsTemp
2014-05-28 17:48:53 ----D---- C:\WINDOWS\system32\catroot2
2014-05-28 17:24:43 ----D---- C:\WINDOWS\system32\drivers\etc
2014-05-28 15:28:58 ----D---- C:\Users\user\AppData\Roaming\Skype
2014-05-28 14:13:27 ----SHD---- C:\WINDOWS\Installer
2014-05-28 14:13:27 ----SHD---- C:\Config.Msi
2014-05-28 14:13:17 ----SHD---- C:\System Volume Information
2014-05-28 13:11:33 ----RSD---- C:\WINDOWS\assembly
2014-05-28 10:28:47 ----D---- C:\WINDOWS\system32\FxsTmp
2014-05-28 09:28:33 ----D---- C:\WINDOWS\Logs
2014-05-28 09:16:03 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-05-27 16:43:39 ----D---- C:\WINDOWS\system32\Tasks
2014-05-27 16:43:32 ----SD---- C:\ProgramData\Microsoft
2014-05-27 16:42:52 ----RD---- C:\Program Files (x86)
2014-05-27 16:22:34 ----D---- C:\WINDOWS\system32\wdi
2014-05-27 16:19:46 ----D---- C:\WINDOWS\SoftwareDistribution
2014-05-27 13:14:51 ----DC---- C:\WINDOWS\Panther
2014-05-27 13:14:51 ----D---- C:\WINDOWS\Minidump
2014-05-27 13:14:51 ----D---- C:\WINDOWS\debug
2014-05-27 11:39:40 ----D---- C:\Users\user\AppData\Roaming\Dropbox
2014-05-24 23:47:42 ----D---- C:\Users\user\AppData\Roaming\vlc
2014-05-24 16:00:42 ----RSD---- C:\WINDOWS\Fonts
2014-05-24 15:59:44 ----D---- C:\WINDOWS\system32\catroot
2014-05-18 14:36:26 ----D---- C:\WINDOWS\rescache
2014-05-17 12:28:09 ----D---- C:\ProgramData\Microsoft Help
2014-05-17 00:22:48 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2014-05-17 00:22:47 ----D---- C:\Program Files\Windows Defender
2014-05-17 00:22:47 ----D---- C:\Program Files (x86)\Windows Defender
2014-05-17 00:22:46 ----D---- C:\WINDOWS\WinStore
2014-05-17 00:22:46 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-05-17 00:22:46 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-05-17 00:22:46 ----D---- C:\WINDOWS\system32\cs-CZ
2014-05-17 00:22:45 ----D---- C:\WINDOWS\system32\en-US
2014-05-17 00:22:44 ----D---- C:\WINDOWS\apppatch
2014-05-15 09:28:06 ----D---- C:\WINDOWS\system32\MRT
2014-05-15 09:26:54 ----A---- C:\WINDOWS\system32\MRT.exe
2014-05-15 09:17:48 ----A---- C:\WINDOWS\win.ini
2014-05-09 17:45:50 ----D---- C:\WINDOWS\system32\NDF
2014-05-07 09:41:39 ----D---- C:\Users\user\AppData\Roaming\VMware
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2013-09-17 239296]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwr64v.sys [2014-03-07 20736]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2014-02-13 231376]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\drivers\hcmon.sys [2012-07-06 47768]
R3 CnxtHdAudService;@oem52.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2011-03-24 1576064]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]
R3 dc3d;@oem26.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys [2011-05-18 47616]
R3 DNE;@oem29.inf,%DneMP_Desc%;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-30 5363200]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem20.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;@netwsw00.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwsw00.sys [2013-06-18 11518976]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2013-08-22 11776]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-04-24 460528]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 acsock;acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [2013-07-19 112080]
S3 androidusb;@oem24.inf,%SAMSUNG.Adb.SvcDesc%;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\WINDOWS\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 FTDIBUS;@oem33.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2013-05-08 76648]
S3 FTSER2K;@oem34.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2013-05-08 85864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 RSPCIESTOR;@oem19.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2011-05-04 338536]
S3 RTL2832UBDA;@oem42.inf,%RTLUSBDEV.BDA_Desc%;REALTEK 2832U BDA Driver; C:\WINDOWS\system32\drivers\RTL2832UBDA.sys [2014-05-24 237968]
S3 RTL2832UUSB;@oem42.inf,%RTLUSBDEV.USB_Desc%;REALTEK 2832U USB Driver; C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys [2014-05-24 39056]
S3 ssadbus;@oem23.inf,%SAMSUNG.Service.Desc%;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\System32\drivers\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;@oem27.inf,%Samsung.Filter.Name%;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;@oem27.inf,%Samsung.Service.Name%;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;@oem28.inf,%Samsung.Service.Name%;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-22 33280]
S3 vpnva;@oem2.inf,%VPNVA64_Desc%;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64; C:\WINDOWS\system32\DRIVERS\vpnva64-6.sys [2013-07-19 52080]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-02-13 43696]
R2 IBMPMSVC;@oem51.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-03-10 2085184]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2013-12-11 468288]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-02 4972864]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-07-06 856728]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2013-07-19 557968]
R3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2014-03-07 1669976]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-14 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-03-04 573488]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-14 116648]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2014-03-04 512048]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2014-03-04 527920]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-03-04 702512]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-04-25 1738200]
S3 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-04-25 2081752]
S3 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-02-21 24120]
-----------------EOF-----------------
