Spomalene PC win 7 - prosim o kontrolu

Zpráva

Edon · #1 Příspěvek od **Edon** » 18 dub 2015 09:54

Zdravím v poslednej dobe mi zacal pocitac citelne spomalovat. Povymazaval som vela programov a cakal nejake zlepsenie ale nic. Dlho mu trva dokonca aj otvaranie suborov. Casto krat vtedy pozeram procesy a vsimol som si ze proces SVCHOST.EXE len tak zrazu zacne vyuzivat napriklad cca 800 - 1200mb pamate. Dakujem za kazdu radu

Log z RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michal at 2015-04-18 10:53:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 7 GB (1%) free of 588 GB
Total RAM: 4030 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:53:27, on 18. 4. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\tsnp325.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Breowse2savue - {6399C1E4-21A2-E117-D2D6-61358B9E1315} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [tsnp325] C:\windows\tsnp325.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 14762 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 27298656
\??\C:\windows\system32\conhost.exe "150033058377968897255290151-1045307834-15151578531496720706-1630928453-110804006
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
WLIDSvcM.exe 2168
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
taskeng.exe {AD880C6A-1EDB-47E4-88FB-8482F0548716}
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Protected Search\ProtectedSearch.exe"
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Windows\tsnp325.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Steam\steam.exe" "steam://rungameid/570"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Michal\AppData\Local\Steam\htmlcache" -steampid 4612 -buildid 1428965940 -steamid "0" --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
-Minimized
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6784.0.1034053869\372681875" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,18,40 --gpu-vendor-id=0x1002 --gpu-device-id=0x0000 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/EnhancedBookmarks/Manual install/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_3/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6784 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6784.2.704860968\1174322558" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/EnhancedBookmarks/Manual install/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_3/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6784 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6784.3.579778638\1471522361" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6784.48.22267347\482319706" --ppapi-flash-args=enable_hw_video_decode=1 --lang=en-US --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe" "magnet:?xt=urn:btih:00a9b1154efe6b22556ca5289c9a90f60a58771d&dn=RoboCop+%282014%29+720p+BrRip+x264+-+YIFY&tr=udp%3A%2F%2Fopen.demonii.com%3A1337&tr=udp%3A%2F%2Ftracker.coppersurfer.tk%3A6969&tr=udp%3A%2F%2Ftracker.leechers-paradise.org%3A6969&tr=udp%3A%2F%2Fexodus.desync.com%3A6969"
taskeng.exe {D11430F8-830B-40DB-AED0-D144A565C010}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler
"c:\program files\windows defender\MpCmdRun.exe" Scan -ScheduleJob -WinTask -RestrictPrivilegesScan -Reinvoke
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/EnhancedBookmarks/Manual install/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_3/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6784 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6784.129.824713825\1820913730" /prefetch:673131151
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
"C:\Program Files (x86)\Google\Update\Install\{594E30DB-B524-4365-AA5B-F7899313976B}\42.0.2311.90_41.0.2272.118_chrome_updater.exe" --multi-install --do-not-launch-chrome --system-level
"C:\windows\TEMP\CR_50620.tmp\setup.exe" --install-archive="C:\windows\TEMP\CR_50620.tmp\CHROME_PATCH.PACKED.7Z" --multi-install --do-not-launch-chrome --system-level
C:\windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/EnhancedBookmarks/Manual install/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_3/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6784 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6784.132.1590349545\2092620235" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/EnhancedBookmarks/Manual install/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_3/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6784 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6784.135.475845938\1078988076" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/EnhancedBookmarks/Manual install/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_3/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6784 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6784.138.1106297986\1097552529" /prefetch:673131151
"C:\windows\system32\taskmgr.exe" /4
"C:\Users\Michal\Desktop\PC\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineCore1cfff7ac0c0ed59.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA1cf8be5ed3748d.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HPCeeScheduleForMICHAL-HP$.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMICHAL-HP$ (null)
C:\windows\tasks\HPCeeScheduleForMichal.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMichal (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\93jxku15.default

prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "http://search.certified-toolbar.com?si= ... e&tid=2938"
prefs.js - "keyword.URL" - "http://search.certified-toolbar.com?si= ... bs=true&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
Web Search.xml

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\93jxku15.default\extensions\
jzccff@bwu.co.uk
{32a1fd71-835e-4b11-8e54-886fda0b4c89}

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\93jxku15.default\searchplugins\
bingp.xml
qip-search.xml
Web Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-19 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6399C1E4-21A2-E117-D2D6-61358B9E1315}]
Breowse2savue

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2011-04-25 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]
"IntelliPoint"=c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 2417032]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-05-04 1664000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-04 3011824]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-01-27 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-01-27 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-01-27 418328]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2012-09-23 3477640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-19 127616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-08-19 764032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtvStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-19 127616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
C:\windows\FixCamera.exe [2007-07-11 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe -autolaunch []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP HD Webcam [Fixed]_Monitor]
C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [2010-11-26 267128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MfeEpePcMonitor]
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-02-09 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe /WinStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2012-08-03 1086376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarEditor]
C:\Program Files (x86)\OSCAR Editor X7\\OscarEditor.exe Minimum []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\Michal\AppData\Roaming\QipGuard\QipGuard.exe [2011-04-25 191360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-01-29 299576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-03-25 31682144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp325]
C:\windows\vsnp325.exe [2007-05-10 835584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Michal\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-11-15 1514040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2015-04-14 2889408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe [2015-03-04 1742928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2013-12-13 85600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe [2015-04-02 43382072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-04-05 94264]
""= []
"tsnp325"=C:\windows\tsnp325.exe [2007-04-21 270336]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]

C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-01-27 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-16 15:09:42 ----D---- C:\windows\rescache
2015-04-15 21:48:29 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe
2015-04-14 22:24:26 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-04-14 22:24:26 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-04-14 22:24:26 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-04-14 22:24:26 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-04-14 22:24:26 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-04-14 22:24:26 ----A---- C:\windows\system32\ieetwcollector.exe
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-04-14 22:24:25 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 22:24:25 ----A---- C:\windows\system32\iernonce.dll
2015-04-14 22:24:25 ----A---- C:\windows\system32\ie4uinit.exe
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-04-14 22:24:23 ----A---- C:\windows\system32\urlmon.dll
2015-04-14 22:24:23 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-14 22:24:23 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-04-14 22:24:23 ----A---- C:\windows\system32\iedkcs32.dll
2015-04-14 22:24:23 ----A---- C:\windows\system32\dxtrans.dll
2015-04-14 22:24:22 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-04-14 22:24:22 ----A---- C:\windows\system32\msfeeds.dll
2015-04-14 22:24:22 ----A---- C:\windows\system32\iesetup.dll
2015-04-14 22:24:22 ----A---- C:\windows\system32\ieapfltr.dll
2015-04-14 22:24:21 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-04-14 22:24:21 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-04-14 22:24:21 ----A---- C:\windows\system32\iertutil.dll
2015-04-14 22:24:20 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-04-14 22:24:20 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-04-14 22:24:20 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-04-14 22:24:20 ----A---- C:\windows\system32\jsproxy.dll
2015-04-14 22:24:20 ----A---- C:\windows\system32\ieUnatt.exe
2015-04-14 22:24:20 ----A---- C:\windows\system32\dxtmsft.dll
2015-04-14 22:24:19 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-04-14 22:24:19 ----A---- C:\windows\system32\mshtmled.dll
2015-04-14 22:24:19 ----A---- C:\windows\system32\ieui.dll
2015-04-14 22:24:19 ----A---- C:\windows\system32\ieframe.dll
2015-04-14 22:24:18 ----A---- C:\windows\system32\wininet.dll
2015-04-14 22:24:18 ----A---- C:\windows\system32\vbscript.dll
2015-04-14 22:24:18 ----A---- C:\windows\system32\jscript9diag.dll
2015-04-14 22:24:18 ----A---- C:\windows\system32\jscript9.dll
2015-04-14 22:24:17 ----A---- C:\windows\system32\msrating.dll
2015-04-14 22:24:17 ----A---- C:\windows\system32\MshtmlDac.dll
2015-04-14 22:24:16 ----A---- C:\windows\system32\mshtml.dll
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wups.dll
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuwebv.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wups2.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wups.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wudriver.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wucltux.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuaueng.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuauclt.exe
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuapp.exe
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuapi.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\WinSetupUI.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\invagent.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\generaltel.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\devinv.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\appraiser.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\aepic.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\aepdu.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\aeinv.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\acmigration.dll
2015-04-14 22:12:25 ----A---- C:\windows\SYSWOW64\gdi32.dll
2015-04-14 22:12:25 ----A---- C:\windows\system32\gdi32.dll
2015-04-14 22:12:23 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2015-04-14 22:12:23 ----A---- C:\windows\SYSWOW64\msxml3.dll
2015-04-14 22:12:23 ----A---- C:\windows\system32\msxml3r.dll
2015-04-14 22:12:23 ----A---- C:\windows\system32\msxml3.dll
2015-04-14 22:12:16 ----A---- C:\windows\system32\ntoskrnl.exe
2015-04-14 22:12:15 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-04-14 22:12:15 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-04-14 22:12:15 ----A---- C:\windows\system32\ntdll.dll
2015-04-14 22:12:15 ----A---- C:\windows\system32\KernelBase.dll
2015-04-14 22:12:15 ----A---- C:\windows\system32\kernel32.dll
2015-04-14 22:12:13 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-04-14 22:12:12 ----A---- C:\windows\SYSWOW64\kernel32.dll
2015-04-14 22:12:12 ----A---- C:\windows\system32\wow64win.dll
2015-04-14 22:12:12 ----A---- C:\windows\system32\schannel.dll
2015-04-14 22:12:12 ----A---- C:\windows\system32\lsasrv.dll
2015-04-14 22:12:11 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-04-14 22:12:11 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-04-14 22:12:11 ----A---- C:\windows\system32\wow64.dll
2015-04-14 22:12:11 ----A---- C:\windows\system32\srcore.dll
2015-04-14 22:12:11 ----A---- C:\windows\system32\conhost.exe
2015-04-14 22:12:10 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-04-14 22:12:10 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\winsrv.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\wdigest.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\TSpkg.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\sspicli.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\rstrui.exe
2015-04-14 22:12:10 ----A---- C:\windows\system32\ncrypt.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\msv1_0.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\kerberos.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-04-14 22:12:10 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\setup16.exe
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-04-14 22:12:09 ----A---- C:\windows\system32\srclient.dll
2015-04-14 22:12:09 ----A---- C:\windows\system32\smss.exe
2015-04-14 22:12:09 ----A---- C:\windows\system32\lsass.exe
2015-04-14 22:12:09 ----A---- C:\windows\system32\auditpol.exe
2015-04-14 22:12:08 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-04-14 22:12:08 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-04-14 22:12:08 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\wow64cpu.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\sspisrv.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\secur32.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\ntvdm64.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\csrsrv.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\credssp.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:12:07 ----A---- C:\windows\SYSWOW64\wow32.dll
2015-04-14 22:12:07 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-04-14 22:12:07 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:12:05 ----A---- C:\windows\SYSWOW64\instnm.exe
2015-04-14 22:12:05 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2015-04-14 22:12:05 ----A---- C:\windows\system32\apisetschema.dll
2015-04-14 22:12:04 ----A---- C:\windows\SYSWOW64\user.exe
2015-04-14 22:12:04 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-04-14 22:12:04 ----A---- C:\windows\system32\adtschema.dll
2015-04-14 22:12:03 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-04-14 22:12:03 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-04-14 22:12:03 ----A---- C:\windows\system32\msobjs.dll
2015-04-14 22:12:03 ----A---- C:\windows\system32\msaudite.dll
2015-04-14 22:08:54 ----A---- C:\windows\system32\drivers\http.sys
2015-04-14 22:03:52 ----A---- C:\windows\system32\clfs.sys
2015-04-14 22:03:51 ----A---- C:\windows\SYSWOW64\clfsw32.dll
2015-04-14 22:03:51 ----A---- C:\windows\system32\clfsw32.dll
2015-04-04 14:26:54 ----D---- C:\Users\Michal\AppData\Roaming\Opera Software
2015-04-04 11:53:51 ----SD---- C:\windows\SYSWOW64\GWX
2015-04-04 11:53:51 ----SD---- C:\windows\system32\GWX
2015-03-23 20:26:11 ----D---- C:\Program Files (x86)\WinLemm

======List of files/folders modified in the last 1 month======

2015-04-18 10:53:27 ----D---- C:\windows\Prefetch
2015-04-18 10:53:24 ----D---- C:\Program Files\trend micro
2015-04-18 10:53:20 ----D---- C:\windows\Temp
2015-04-18 10:52:40 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2015-04-18 10:29:54 ----D---- C:\windows\system32\config
2015-04-18 00:49:08 ----SHD---- C:\System Volume Information
2015-04-17 21:35:54 ----D---- C:\Users\Michal\AppData\Roaming\TS3Client
2015-04-17 20:31:26 ----D---- C:\windows\System32
2015-04-17 20:31:26 ----D---- C:\windows\inf
2015-04-17 20:31:26 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-04-17 20:28:59 ----D---- C:\Program Files (x86)\Steam
2015-04-17 20:28:10 ----D---- C:\Users\Michal\AppData\Roaming\Dropbox
2015-04-17 20:27:51 ----A---- C:\windows\SYSWOW64\log.txt
2015-04-17 20:25:35 ----D---- C:\ProgramData\HPQLOG
2015-04-17 19:27:15 ----D---- C:\windows\Tasks
2015-04-17 19:27:15 ----D---- C:\windows\system32\Tasks
2015-04-17 02:16:12 ----D---- C:\windows\AppCompat
2015-04-16 22:27:03 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2015-04-16 21:25:29 ----SHD---- C:\windows\Installer
2015-04-16 21:25:29 ----D---- C:\ProgramData\Skype
2015-04-16 15:09:42 ----D---- C:\Windows
2015-04-16 01:03:38 ----D---- C:\windows\Microsoft.NET
2015-04-16 01:02:12 ----RSD---- C:\windows\assembly
2015-04-15 22:48:43 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-04-15 21:48:29 ----D---- C:\windows\SysWOW64
2015-04-15 15:56:56 ----D---- C:\windows\winsxs
2015-04-15 08:53:26 ----D---- C:\windows\SYSWOW64\en-US
2015-04-15 08:53:25 ----D---- C:\windows\system32\en-US
2015-04-15 08:53:25 ----D---- C:\windows\PolicyDefinitions
2015-04-15 08:53:23 ----SD---- C:\windows\system32\CompatTel
2015-04-15 08:53:21 ----D---- C:\windows\system32\appraiser
2015-04-15 08:53:20 ----D---- C:\windows\AppPatch
2015-04-15 08:53:03 ----D---- C:\windows\system32\drivers
2015-04-15 08:53:00 ----D---- C:\Program Files\Internet Explorer
2015-04-15 08:52:52 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 08:21:48 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 08:20:04 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 08:15:34 ----D---- C:\windows\system32\MRT
2015-04-15 08:03:36 ----D---- C:\windows\debug
2015-04-15 08:03:27 ----A---- C:\windows\system32\MRT.exe
2015-04-14 22:00:31 ----D---- C:\windows\system32\catroot2
2015-04-14 21:40:09 ----D---- C:\windows\system32\NDF
2015-04-12 19:21:10 ----D---- C:\ProgramData\PDFC
2015-04-06 11:44:33 ----D---- C:\Program Files (x86)\Opera
2015-04-06 11:43:45 ----D---- C:\Program Files\Recuva
2015-04-06 11:39:41 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-04-06 11:38:54 ----RD---- C:\Program Files (x86)\Skype
2015-04-06 11:36:17 ----A---- C:\windows\MoZiLive.ini
2015-04-06 11:35:27 ----D---- C:\ProgramData\Hewlett-Packard
2015-04-06 11:35:26 ----D---- C:\Program Files\Hewlett-Packard
2015-04-06 11:33:10 ----D---- C:\Program Files (x86)\Common Files
2015-04-06 11:22:35 ----D---- C:\Program Files (x86)\ArcSoft
2015-04-06 11:22:25 ----D---- C:\Users\Michal\AppData\Roaming\ArcSoft
2015-04-04 11:54:17 ----D---- C:\windows\Logs
2015-04-04 11:49:19 ----D---- C:\Users\Michal\AppData\Roaming\Spotify
2015-03-26 12:24:37 ----D---- C:\Program Files (x86)\DOSBox-0.74
2015-03-26 11:06:48 ----D---- C:\windows\system32\wbem
2015-03-23 20:26:11 ----D---- C:\Program Files (x86)
2015-03-23 06:45:15 ----D---- C:\Program Files (x86)\Hearthstone
2015-03-23 06:41:36 ----D---- C:\Program Files (x86)\Battle.net

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\windows\system32\DRIVERS\amdkmpfd.sys [2014-10-28 62152]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-01-27 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-02-09 168008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-07 283200]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 cpuz135;cpuz135; \??\C:\windows\system32\drivers\cpuz135_x64.sys [2010-12-27 21992]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-01-27 43320]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2012-08-19 88728]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2012-08-19 344216]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2012-08-19 114840]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2012-08-19 33944]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2012-08-19 178840]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2012-08-19 77464]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2012-08-19 135832]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2012-08-19 567808]
R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-12-03 25912]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-01-27 12273408]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2013-03-09 175928]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2013-02-09 708200]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2011-01-12 2611704]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2013-05-04 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-05-04 468720]
S3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 andnetadb;ADB Interface DriverNet; C:\windows\System32\Drivers\lgandnetadb.sys [2012-07-03 31744]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\windows\system32\DRIVERS\lgandnetdiag64.sys [2012-07-03 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\windows\system32\DRIVERS\lgandnetmodem64.sys [2012-07-03 36352]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; C:\windows\system32\DRIVERS\lgandnetndis64.sys [2012-07-04 93184]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys []
S3 athur;Wireless Network Adapter Service; C:\windows\system32\DRIVERS\athurx.sys [2011-04-20 1930240]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336]
S3 dc3d;MS Hardware Device Detection Driver; C:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-01-27 12273408]
S3 KMWDFILTER;Eastern Times KM DRIVER; C:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-12-04 20992]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\windows\system32\drivers\massfilter.sys []
S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\windows\system32\DRIVERS\netr28ux.sys [2009-05-25 966144]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 NuidFltr;NUID filter driver; C:\windows\system32\DRIVERS\NuidFltr.sys [2011-08-01 23960]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Point64;Microsoft IntelliPoint Filter Driver; C:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SNP325;USB PC Camera (SNPSTD325); C:\windows\system32\DRIVERS\snp325.sys [2007-11-22 10733184]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 tap0901;TAP-Windows Adapter V9; C:\windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\windows\system32\DRIVERS\taphss6.sys [2014-05-17 42184]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbbus;LGE Mobile Composite USB Device; C:\windows\system32\DRIVERS\lgx64bus.sys [2012-03-02 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\windows\system32\DRIVERS\lgx64diag.sys [2012-03-02 28160]
S3 USBModem;LGE Mobile USB Modem; C:\windows\system32\DRIVERS\lgx64modem.sys [2012-03-02 34816]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-05-04 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-19 211584]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-02-12 481104]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-29 281656]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-01-27 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-05-04 323072]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-04-05 1094712]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 268464]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-02-04 464480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-24 834752]
S4 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 18 dub 2015 10:04

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve >Scan< a potom na >Clean< (smazat)
Proběhne skenováni a pak se objeví log, který sem vložte.

Edon · #3 Příspěvek od **Edon** » 18 dub 2015 10:19

Tu je log

# AdwCleaner v4.201 - Logfile created 18/04/2015 at 11:10:27
# Updated 08/04/2015 by Xplode
# Database : 2015-04-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Michal - MICHAL-HP
# Running from : C:\Users\Michal\Desktop\PC\adwcleaner_4.201.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Folder Deleted : C:\Program Files (x86)\BrowseToSave
Folder Deleted : C:\Program Files (x86)\Protected Search
Folder Deleted : C:\Users\Michal\AppData\Local\DownTango
Folder Deleted : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\93jxku15.default\Extensions\{32A1FD71-835E-4B11-8E54-886FDA0B4C89}
Folder Deleted : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\93jxku15.default\Extensions\jzccff@bwu.co.uk
Folder Deleted : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\paddiapjbnmknhhobfcjnnmhgihnpgne
File Deleted : C:\END
File Deleted : C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Deleted : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\93jxku15.default\searchplugins\bingp.xml
File Deleted : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\93jxku15.default\searchplugins\qip-search.xml
File Deleted : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\93jxku15.default\searchplugins\Web Search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Web Search.xml

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6399C1E4-21A2-E117-D2D6-61358B9E1315}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6399C1E4-21A2-E117-D2D6-61358B9E1315}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95289393-33EA-4F8D-B952-483415B9C955}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6399C1E4-21A2-E117-D2D6-61358B9E1315}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95289393-33EA-4F8D-B952-483415B9C955}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6399C1E4-21A2-E117-D2D6-61358B9E1315}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\simplytech
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{75E9A522-65D2-4200-A95F-C3EF89703263}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v30.0 (sk)

[93jxku15.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
[93jxku15.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.search.check", false);
[93jxku15.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "hxxp://newtab.certified-toolbar.com/nff?si=41460&tid=2938&new=true");
[93jxku15.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Web Search");
[93jxku15.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Web Search");
[93jxku15.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938");
[93jxku15.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
[93jxku15.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
[93jxku15.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=");

-\\ Google Chrome v42.0.2311.90

[C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q={searchTerms}
[C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q={searchTerms}
[C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : paddiapjbnmknhhobfcjnnmhgihnpgne
[C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : fcfenmboojpjinhpgggodefccipikbpd

-\\ Opera v0.0.0.0

*************************

AdwCleaner[R0].txt - [11615 bytes] - [18/04/2015 11:07:45]
AdwCleaner[S0].txt - [9284 bytes] - [18/04/2015 11:10:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9343 bytes] ##########

#4 Příspěvek od **Rudy** » 18 dub 2015 10:20

Dejte nový log RSIT.

Edon · #5 Příspěvek od **Edon** » 18 dub 2015 10:23

Pripajam

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michal at 2015-04-18 11:23:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 7 GB (1%) free of 588 GB
Total RAM: 4030 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:23:32, on 18. 4. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\tsnp325.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [tsnp325] C:\windows\tsnp325.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 13007 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 39521488
\??\C:\windows\system32\conhost.exe "-1922399713-1505947144708265869146331318912113520063144706631402904468-1190364740
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
WLIDSvcM.exe 2788
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Windows\tsnp325.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2556.0.931865230\672589545" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,18,41 --gpu-vendor-id=0x1002 --gpu-device-id=0x0000 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_3/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_12/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2556 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="2556.3.1752162754\501160854" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_3/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_12/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2556 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="2556.4.20223196\1196206238" /prefetch:673131151
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
C:\windows\sysWOW64\wbem\wmiprvse.exe -Embedding
-Minimized
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_3/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_12/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2556 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="2556.14.691274418\110707940" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Michal\Desktop\PC\RSITx64.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineCore1cfff7ac0c0ed59.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA1cf8be5ed3748d.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HPCeeScheduleForMICHAL-HP$.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMICHAL-HP$ (null)
C:\windows\tasks\HPCeeScheduleForMichal.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMichal (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\93jxku15.default

prefs.js - "browser.search.useDBForOrder" - false

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-19 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]
"IntelliPoint"=c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 2417032]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-05-04 1664000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-04 3011824]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-01-27 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-01-27 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-01-27 418328]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2012-09-23 3477640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-19 127616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-08-19 764032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtvStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-19 127616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
C:\windows\FixCamera.exe [2007-07-11 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe -autolaunch []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP HD Webcam [Fixed]_Monitor]
C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [2010-11-26 267128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MfeEpePcMonitor]
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-02-09 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe /WinStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2012-08-03 1086376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarEditor]
C:\Program Files (x86)\OSCAR Editor X7\\OscarEditor.exe Minimum []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\Michal\AppData\Roaming\QipGuard\QipGuard.exe [2011-04-25 191360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-01-29 299576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-03-25 31682144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp325]
C:\windows\vsnp325.exe [2007-05-10 835584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Michal\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-11-15 1514040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2015-04-14 2889408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe [2015-03-04 1742928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2013-12-13 85600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe [2015-04-02 43382072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-04-05 94264]
""= []
"tsnp325"=C:\windows\tsnp325.exe [2007-04-21 270336]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]

C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-01-27 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-18 11:07:39 ----D---- C:\AdwCleaner
2015-04-16 15:09:42 ----D---- C:\windows\rescache
2015-04-15 21:48:29 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe
2015-04-14 22:24:26 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-04-14 22:24:26 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-04-14 22:24:26 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-04-14 22:24:26 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-04-14 22:24:26 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-04-14 22:24:26 ----A---- C:\windows\system32\ieetwcollector.exe
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-04-14 22:24:25 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 22:24:25 ----A---- C:\windows\system32\iernonce.dll
2015-04-14 22:24:25 ----A---- C:\windows\system32\ie4uinit.exe
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-04-14 22:24:23 ----A---- C:\windows\system32\urlmon.dll
2015-04-14 22:24:23 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-14 22:24:23 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-04-14 22:24:23 ----A---- C:\windows\system32\iedkcs32.dll
2015-04-14 22:24:23 ----A---- C:\windows\system32\dxtrans.dll
2015-04-14 22:24:22 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-04-14 22:24:22 ----A---- C:\windows\system32\msfeeds.dll
2015-04-14 22:24:22 ----A---- C:\windows\system32\iesetup.dll
2015-04-14 22:24:22 ----A---- C:\windows\system32\ieapfltr.dll
2015-04-14 22:24:21 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-04-14 22:24:21 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-04-14 22:24:21 ----A---- C:\windows\system32\iertutil.dll
2015-04-14 22:24:20 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-04-14 22:24:20 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-04-14 22:24:20 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-04-14 22:24:20 ----A---- C:\windows\system32\jsproxy.dll
2015-04-14 22:24:20 ----A---- C:\windows\system32\ieUnatt.exe
2015-04-14 22:24:20 ----A---- C:\windows\system32\dxtmsft.dll
2015-04-14 22:24:19 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-04-14 22:24:19 ----A---- C:\windows\system32\mshtmled.dll
2015-04-14 22:24:19 ----A---- C:\windows\system32\ieui.dll
2015-04-14 22:24:19 ----A---- C:\windows\system32\ieframe.dll
2015-04-14 22:24:18 ----A---- C:\windows\system32\wininet.dll
2015-04-14 22:24:18 ----A---- C:\windows\system32\vbscript.dll
2015-04-14 22:24:18 ----A---- C:\windows\system32\jscript9diag.dll
2015-04-14 22:24:18 ----A---- C:\windows\system32\jscript9.dll
2015-04-14 22:24:17 ----A---- C:\windows\system32\msrating.dll
2015-04-14 22:24:17 ----A---- C:\windows\system32\MshtmlDac.dll
2015-04-14 22:24:16 ----A---- C:\windows\system32\mshtml.dll
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wups.dll
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuwebv.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wups2.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wups.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wudriver.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wucltux.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuaueng.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuauclt.exe
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuapp.exe
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuapi.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\WinSetupUI.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\invagent.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\generaltel.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\devinv.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\appraiser.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\aepic.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\aepdu.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\aeinv.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\acmigration.dll
2015-04-14 22:12:25 ----A---- C:\windows\SYSWOW64\gdi32.dll
2015-04-14 22:12:25 ----A---- C:\windows\system32\gdi32.dll
2015-04-14 22:12:23 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2015-04-14 22:12:23 ----A---- C:\windows\SYSWOW64\msxml3.dll
2015-04-14 22:12:23 ----A---- C:\windows\system32\msxml3r.dll
2015-04-14 22:12:23 ----A---- C:\windows\system32\msxml3.dll
2015-04-14 22:12:16 ----A---- C:\windows\system32\ntoskrnl.exe
2015-04-14 22:12:15 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-04-14 22:12:15 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-04-14 22:12:15 ----A---- C:\windows\system32\ntdll.dll
2015-04-14 22:12:15 ----A---- C:\windows\system32\KernelBase.dll
2015-04-14 22:12:15 ----A---- C:\windows\system32\kernel32.dll
2015-04-14 22:12:13 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-04-14 22:12:12 ----A---- C:\windows\SYSWOW64\kernel32.dll
2015-04-14 22:12:12 ----A---- C:\windows\system32\wow64win.dll
2015-04-14 22:12:12 ----A---- C:\windows\system32\schannel.dll
2015-04-14 22:12:12 ----A---- C:\windows\system32\lsasrv.dll
2015-04-14 22:12:11 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-04-14 22:12:11 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-04-14 22:12:11 ----A---- C:\windows\system32\wow64.dll
2015-04-14 22:12:11 ----A---- C:\windows\system32\srcore.dll
2015-04-14 22:12:11 ----A---- C:\windows\system32\conhost.exe
2015-04-14 22:12:10 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-04-14 22:12:10 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\winsrv.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\wdigest.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\TSpkg.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\sspicli.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\rstrui.exe
2015-04-14 22:12:10 ----A---- C:\windows\system32\ncrypt.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\msv1_0.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\kerberos.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-04-14 22:12:10 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\setup16.exe
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-04-14 22:12:09 ----A---- C:\windows\system32\srclient.dll
2015-04-14 22:12:09 ----A---- C:\windows\system32\smss.exe
2015-04-14 22:12:09 ----A---- C:\windows\system32\lsass.exe
2015-04-14 22:12:09 ----A---- C:\windows\system32\auditpol.exe
2015-04-14 22:12:08 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-04-14 22:12:08 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-04-14 22:12:08 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\wow64cpu.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\sspisrv.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\secur32.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\ntvdm64.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\csrsrv.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\credssp.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:12:07 ----A---- C:\windows\SYSWOW64\wow32.dll
2015-04-14 22:12:07 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-04-14 22:12:07 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:12:05 ----A---- C:\windows\SYSWOW64\instnm.exe
2015-04-14 22:12:05 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2015-04-14 22:12:05 ----A---- C:\windows\system32\apisetschema.dll
2015-04-14 22:12:04 ----A---- C:\windows\SYSWOW64\user.exe
2015-04-14 22:12:04 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-04-14 22:12:04 ----A---- C:\windows\system32\adtschema.dll
2015-04-14 22:12:03 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-04-14 22:12:03 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-04-14 22:12:03 ----A---- C:\windows\system32\msobjs.dll
2015-04-14 22:12:03 ----A---- C:\windows\system32\msaudite.dll
2015-04-14 22:08:54 ----A---- C:\windows\system32\drivers\http.sys
2015-04-14 22:03:52 ----A---- C:\windows\system32\clfs.sys
2015-04-14 22:03:51 ----A---- C:\windows\SYSWOW64\clfsw32.dll
2015-04-14 22:03:51 ----A---- C:\windows\system32\clfsw32.dll
2015-04-04 14:26:54 ----D---- C:\Users\Michal\AppData\Roaming\Opera Software
2015-04-04 11:53:51 ----SD---- C:\windows\SYSWOW64\GWX
2015-04-04 11:53:51 ----SD---- C:\windows\system32\GWX
2015-03-23 20:26:11 ----D---- C:\Program Files (x86)\WinLemm

======List of files/folders modified in the last 1 month======

2015-04-18 11:23:31 ----D---- C:\Program Files\trend micro
2015-04-18 11:23:30 ----D---- C:\windows\Temp
2015-04-18 11:19:23 ----D---- C:\windows\System32
2015-04-18 11:19:23 ----D---- C:\windows\inf
2015-04-18 11:19:23 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-04-18 11:17:01 ----D---- C:\Users\Michal\AppData\Roaming\Dropbox
2015-04-18 11:16:16 ----A---- C:\windows\SYSWOW64\log.txt
2015-04-18 11:14:49 ----D---- C:\windows\Prefetch
2015-04-18 11:14:03 ----D---- C:\ProgramData\HPQLOG
2015-04-18 11:12:28 ----D---- C:\windows\system32\config
2015-04-18 11:10:28 ----D---- C:\Program Files (x86)
2015-04-18 11:10:27 ----HD---- C:\ProgramData
2015-04-18 11:07:56 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2015-04-18 00:49:08 ----SHD---- C:\System Volume Information
2015-04-17 21:35:54 ----D---- C:\Users\Michal\AppData\Roaming\TS3Client
2015-04-17 20:28:59 ----D---- C:\Program Files (x86)\Steam
2015-04-17 19:27:15 ----D---- C:\windows\Tasks
2015-04-17 19:27:15 ----D---- C:\windows\system32\Tasks
2015-04-17 02:16:12 ----D---- C:\windows\AppCompat
2015-04-16 22:27:03 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2015-04-16 21:25:29 ----SHD---- C:\windows\Installer
2015-04-16 21:25:29 ----D---- C:\ProgramData\Skype
2015-04-16 15:09:42 ----D---- C:\Windows
2015-04-16 01:03:38 ----D---- C:\windows\Microsoft.NET
2015-04-16 01:02:12 ----RSD---- C:\windows\assembly
2015-04-15 22:48:43 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-04-15 21:48:29 ----D---- C:\windows\SysWOW64
2015-04-15 15:56:56 ----D---- C:\windows\winsxs
2015-04-15 08:53:26 ----D---- C:\windows\SYSWOW64\en-US
2015-04-15 08:53:25 ----D---- C:\windows\system32\en-US
2015-04-15 08:53:25 ----D---- C:\windows\PolicyDefinitions
2015-04-15 08:53:23 ----SD---- C:\windows\system32\CompatTel
2015-04-15 08:53:21 ----D---- C:\windows\system32\appraiser
2015-04-15 08:53:20 ----D---- C:\windows\AppPatch
2015-04-15 08:53:03 ----D---- C:\windows\system32\drivers
2015-04-15 08:53:00 ----D---- C:\Program Files\Internet Explorer
2015-04-15 08:52:52 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 08:21:48 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 08:20:04 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 08:15:34 ----D---- C:\windows\system32\MRT
2015-04-15 08:03:36 ----D---- C:\windows\debug
2015-04-15 08:03:27 ----A---- C:\windows\system32\MRT.exe
2015-04-14 22:00:31 ----D---- C:\windows\system32\catroot2
2015-04-14 21:40:09 ----D---- C:\windows\system32\NDF
2015-04-12 19:21:10 ----D---- C:\ProgramData\PDFC
2015-04-06 11:44:33 ----D---- C:\Program Files (x86)\Opera
2015-04-06 11:43:45 ----D---- C:\Program Files\Recuva
2015-04-06 11:39:41 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-04-06 11:38:54 ----RD---- C:\Program Files (x86)\Skype
2015-04-06 11:36:17 ----A---- C:\windows\MoZiLive.ini
2015-04-06 11:35:27 ----D---- C:\ProgramData\Hewlett-Packard
2015-04-06 11:35:26 ----D---- C:\Program Files\Hewlett-Packard
2015-04-06 11:33:10 ----D---- C:\Program Files (x86)\Common Files
2015-04-06 11:22:35 ----D---- C:\Program Files (x86)\ArcSoft
2015-04-06 11:22:25 ----D---- C:\Users\Michal\AppData\Roaming\ArcSoft
2015-04-04 11:54:17 ----D---- C:\windows\Logs
2015-04-04 11:49:19 ----D---- C:\Users\Michal\AppData\Roaming\Spotify
2015-03-26 12:24:37 ----D---- C:\Program Files (x86)\DOSBox-0.74
2015-03-26 11:06:48 ----D---- C:\windows\system32\wbem
2015-03-23 06:45:15 ----D---- C:\Program Files (x86)\Hearthstone
2015-03-23 06:41:36 ----D---- C:\Program Files (x86)\Battle.net

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\windows\system32\DRIVERS\amdkmpfd.sys [2014-10-28 62152]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-01-27 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-02-09 168008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-07 283200]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 cpuz135;cpuz135; \??\C:\windows\system32\drivers\cpuz135_x64.sys [2010-12-27 21992]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-01-27 43320]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2012-08-19 88728]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2012-08-19 344216]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2012-08-19 114840]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2012-08-19 33944]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2012-08-19 178840]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2012-08-19 77464]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2012-08-19 135832]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2012-08-19 567808]
R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-12-03 25912]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-01-27 12273408]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2013-03-09 175928]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2013-02-09 708200]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2011-01-12 2611704]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2013-05-04 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-05-04 468720]
S3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 andnetadb;ADB Interface DriverNet; C:\windows\System32\Drivers\lgandnetadb.sys [2012-07-03 31744]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\windows\system32\DRIVERS\lgandnetdiag64.sys [2012-07-03 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\windows\system32\DRIVERS\lgandnetmodem64.sys [2012-07-03 36352]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; C:\windows\system32\DRIVERS\lgandnetndis64.sys [2012-07-04 93184]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys []
S3 athur;Wireless Network Adapter Service; C:\windows\system32\DRIVERS\athurx.sys [2011-04-20 1930240]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336]
S3 dc3d;MS Hardware Device Detection Driver; C:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-01-27 12273408]
S3 KMWDFILTER;Eastern Times KM DRIVER; C:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-12-04 20992]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\windows\system32\drivers\massfilter.sys []
S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\windows\system32\DRIVERS\netr28ux.sys [2009-05-25 966144]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 NuidFltr;NUID filter driver; C:\windows\system32\DRIVERS\NuidFltr.sys [2011-08-01 23960]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Point64;Microsoft IntelliPoint Filter Driver; C:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SNP325;USB PC Camera (SNPSTD325); C:\windows\system32\DRIVERS\snp325.sys [2007-11-22 10733184]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 tap0901;TAP-Windows Adapter V9; C:\windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\windows\system32\DRIVERS\taphss6.sys [2014-05-17 42184]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbbus;LGE Mobile Composite USB Device; C:\windows\system32\DRIVERS\lgx64bus.sys [2012-03-02 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\windows\system32\DRIVERS\lgx64diag.sys [2012-03-02 28160]
S3 USBModem;LGE Mobile USB Modem; C:\windows\system32\DRIVERS\lgx64modem.sys [2012-03-02 34816]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-05-04 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-19 211584]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-02-12 481104]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-29 281656]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-01-27 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-05-04 323072]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-04-05 1094712]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 268464]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-02-04 464480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-24 834752]
S4 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]

-----------------EOF-----------------

#6 Příspěvek od **Rudy** » 18 dub 2015 11:20

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineCore1cfff7ac0c0ed59.job
C:\windows\tasks\GoogleUpdateTaskMachineUA1cf8be5ed3748d.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Edon · #7 Příspěvek od **Edon** » 18 dub 2015 11:31

Pripajam

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michal at 2015-04-18 12:31:24
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 8 GB (1%) free of 588 GB
Total RAM: 4030 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:31:31, on 18. 4. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\tsnp325.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [tsnp325] C:\windows\tsnp325.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 13007 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 38967632
\??\C:\windows\system32\conhost.exe "648024619696592707421647300290724367-290194472-117230961912186167941252810927
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
WLIDSvcM.exe 2188
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
taskeng.exe {2D24EB13-7D1D-4E6A-8E0E-6AD4BD623F5B}
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\windows\system32\Dwm.exe"
taskeng.exe {6862AA9E-A887-46CD-99A4-559067C846F7}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\windows\Explorer.EXE
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\SysWOW64\DllHost.exe /Processid:{B366DEBE-645B-43A5-B865-DDD82C345492}
C:\windows\system32\sppsvc.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\windows\notepad.exe" C:\_OTM\MovedFiles\04182015_122459.log
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Windows\tsnp325.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3676.0.1181217374\2031792116" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,18,41 --gpu-vendor-id=0x1002 --gpu-device-id=0x0000 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_3/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_12/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3676 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3676.2.1305041681\30499819" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_3/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_12/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3676 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3676.3.1651588075\726270218" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
-Minimized
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=en-US --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_3/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_12/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3676 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3676.7.1043875288\480061066" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
wmiadap.exe /F /T /R
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Users\Michal\Desktop\PC\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\HPCeeScheduleForMICHAL-HP$.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMICHAL-HP$ (null)
C:\windows\tasks\HPCeeScheduleForMichal.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMichal (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\93jxku15.default

prefs.js - "browser.search.useDBForOrder" - false

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-19 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]
"IntelliPoint"=c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 2417032]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-05-04 1664000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-04 3011824]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-01-27 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-01-27 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-01-27 418328]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2012-09-23 3477640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-19 127616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-08-19 764032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtvStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-19 127616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
C:\windows\FixCamera.exe [2007-07-11 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe -autolaunch []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP HD Webcam [Fixed]_Monitor]
C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [2010-11-26 267128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MfeEpePcMonitor]
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-02-09 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe /WinStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2012-08-03 1086376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarEditor]
C:\Program Files (x86)\OSCAR Editor X7\\OscarEditor.exe Minimum []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\Michal\AppData\Roaming\QipGuard\QipGuard.exe [2011-04-25 191360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-01-29 299576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-03-25 31682144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp325]
C:\windows\vsnp325.exe [2007-05-10 835584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Michal\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-11-15 1514040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2015-04-14 2889408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe [2015-03-04 1742928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2013-12-13 85600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe [2015-04-02 43382072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-04-05 94264]
""= []
"tsnp325"=C:\windows\tsnp325.exe [2007-04-21 270336]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]

C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-01-27 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-18 12:24:59 ----D---- C:\_OTM
2015-04-18 11:07:39 ----D---- C:\AdwCleaner
2015-04-16 15:09:42 ----D---- C:\windows\rescache
2015-04-15 21:48:29 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe
2015-04-14 22:24:26 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-04-14 22:24:26 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-04-14 22:24:26 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-04-14 22:24:26 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-04-14 22:24:26 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-04-14 22:24:26 ----A---- C:\windows\system32\ieetwcollector.exe
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-04-14 22:24:25 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-04-14 22:24:25 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 22:24:25 ----A---- C:\windows\system32\iernonce.dll
2015-04-14 22:24:25 ----A---- C:\windows\system32\ie4uinit.exe
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-04-14 22:24:23 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-04-14 22:24:23 ----A---- C:\windows\system32\urlmon.dll
2015-04-14 22:24:23 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-14 22:24:23 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-04-14 22:24:23 ----A---- C:\windows\system32\iedkcs32.dll
2015-04-14 22:24:23 ----A---- C:\windows\system32\dxtrans.dll
2015-04-14 22:24:22 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-04-14 22:24:22 ----A---- C:\windows\system32\msfeeds.dll
2015-04-14 22:24:22 ----A---- C:\windows\system32\iesetup.dll
2015-04-14 22:24:22 ----A---- C:\windows\system32\ieapfltr.dll
2015-04-14 22:24:21 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-04-14 22:24:21 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-04-14 22:24:21 ----A---- C:\windows\system32\iertutil.dll
2015-04-14 22:24:20 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-04-14 22:24:20 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-04-14 22:24:20 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-04-14 22:24:20 ----A---- C:\windows\system32\jsproxy.dll
2015-04-14 22:24:20 ----A---- C:\windows\system32\ieUnatt.exe
2015-04-14 22:24:20 ----A---- C:\windows\system32\dxtmsft.dll
2015-04-14 22:24:19 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-04-14 22:24:19 ----A---- C:\windows\system32\mshtmled.dll
2015-04-14 22:24:19 ----A---- C:\windows\system32\ieui.dll
2015-04-14 22:24:19 ----A---- C:\windows\system32\ieframe.dll
2015-04-14 22:24:18 ----A---- C:\windows\system32\wininet.dll
2015-04-14 22:24:18 ----A---- C:\windows\system32\vbscript.dll
2015-04-14 22:24:18 ----A---- C:\windows\system32\jscript9diag.dll
2015-04-14 22:24:18 ----A---- C:\windows\system32\jscript9.dll
2015-04-14 22:24:17 ----A---- C:\windows\system32\msrating.dll
2015-04-14 22:24:17 ----A---- C:\windows\system32\MshtmlDac.dll
2015-04-14 22:24:16 ----A---- C:\windows\system32\mshtml.dll
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wups.dll
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-04-14 22:17:31 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuwebv.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wups2.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wups.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wudriver.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wucltux.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuaueng.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuauclt.exe
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuapp.exe
2015-04-14 22:17:31 ----A---- C:\windows\system32\wuapi.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-04-14 22:17:31 ----A---- C:\windows\system32\WinSetupUI.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\invagent.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\generaltel.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\devinv.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\appraiser.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\aepic.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\aepdu.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\aeinv.dll
2015-04-14 22:16:35 ----A---- C:\windows\system32\acmigration.dll
2015-04-14 22:12:25 ----A---- C:\windows\SYSWOW64\gdi32.dll
2015-04-14 22:12:25 ----A---- C:\windows\system32\gdi32.dll
2015-04-14 22:12:23 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2015-04-14 22:12:23 ----A---- C:\windows\SYSWOW64\msxml3.dll
2015-04-14 22:12:23 ----A---- C:\windows\system32\msxml3r.dll
2015-04-14 22:12:23 ----A---- C:\windows\system32\msxml3.dll
2015-04-14 22:12:16 ----A---- C:\windows\system32\ntoskrnl.exe
2015-04-14 22:12:15 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-04-14 22:12:15 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-04-14 22:12:15 ----A---- C:\windows\system32\ntdll.dll
2015-04-14 22:12:15 ----A---- C:\windows\system32\KernelBase.dll
2015-04-14 22:12:15 ----A---- C:\windows\system32\kernel32.dll
2015-04-14 22:12:13 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-04-14 22:12:12 ----A---- C:\windows\SYSWOW64\kernel32.dll
2015-04-14 22:12:12 ----A---- C:\windows\system32\wow64win.dll
2015-04-14 22:12:12 ----A---- C:\windows\system32\schannel.dll
2015-04-14 22:12:12 ----A---- C:\windows\system32\lsasrv.dll
2015-04-14 22:12:11 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-04-14 22:12:11 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-04-14 22:12:11 ----A---- C:\windows\system32\wow64.dll
2015-04-14 22:12:11 ----A---- C:\windows\system32\srcore.dll
2015-04-14 22:12:11 ----A---- C:\windows\system32\conhost.exe
2015-04-14 22:12:10 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-04-14 22:12:10 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\winsrv.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\wdigest.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\TSpkg.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\sspicli.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\rstrui.exe
2015-04-14 22:12:10 ----A---- C:\windows\system32\ncrypt.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\msv1_0.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\kerberos.dll
2015-04-14 22:12:10 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-04-14 22:12:10 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\setup16.exe
2015-04-14 22:12:09 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-04-14 22:12:09 ----A---- C:\windows\system32\srclient.dll
2015-04-14 22:12:09 ----A---- C:\windows\system32\smss.exe
2015-04-14 22:12:09 ----A---- C:\windows\system32\lsass.exe
2015-04-14 22:12:09 ----A---- C:\windows\system32\auditpol.exe
2015-04-14 22:12:08 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-04-14 22:12:08 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-04-14 22:12:08 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\wow64cpu.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\sspisrv.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\secur32.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\ntvdm64.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\csrsrv.dll
2015-04-14 22:12:08 ----A---- C:\windows\system32\credssp.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:12:07 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:12:07 ----A---- C:\windows\SYSWOW64\wow32.dll
2015-04-14 22:12:07 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-04-14 22:12:07 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:12:06 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:12:05 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:12:05 ----A---- C:\windows\SYSWOW64\instnm.exe
2015-04-14 22:12:05 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2015-04-14 22:12:05 ----A---- C:\windows\system32\apisetschema.dll
2015-04-14 22:12:04 ----A---- C:\windows\SYSWOW64\user.exe
2015-04-14 22:12:04 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-04-14 22:12:04 ----A---- C:\windows\system32\adtschema.dll
2015-04-14 22:12:03 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-04-14 22:12:03 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-04-14 22:12:03 ----A---- C:\windows\system32\msobjs.dll
2015-04-14 22:12:03 ----A---- C:\windows\system32\msaudite.dll
2015-04-14 22:08:54 ----A---- C:\windows\system32\drivers\http.sys
2015-04-14 22:03:52 ----A---- C:\windows\system32\clfs.sys
2015-04-14 22:03:51 ----A---- C:\windows\SYSWOW64\clfsw32.dll
2015-04-14 22:03:51 ----A---- C:\windows\system32\clfsw32.dll
2015-04-04 14:26:54 ----D---- C:\Users\Michal\AppData\Roaming\Opera Software
2015-04-04 11:53:51 ----SD---- C:\windows\SYSWOW64\GWX
2015-04-04 11:53:51 ----SD---- C:\windows\system32\GWX
2015-03-23 20:26:11 ----D---- C:\Program Files (x86)\WinLemm

======List of files/folders modified in the last 1 month======

2015-04-18 12:31:30 ----D---- C:\Program Files\trend micro
2015-04-18 12:30:26 ----D---- C:\Users\Michal\AppData\Roaming\Dropbox
2015-04-18 12:30:08 ----D---- C:\windows\Temp
2015-04-18 12:29:53 ----A---- C:\windows\SYSWOW64\log.txt
2015-04-18 12:27:23 ----D---- C:\ProgramData\HPQLOG
2015-04-18 12:25:56 ----D---- C:\windows\system32\config
2015-04-18 12:25:02 ----D---- C:\windows\Tasks
2015-04-18 11:19:23 ----D---- C:\windows\System32
2015-04-18 11:19:23 ----D---- C:\windows\inf
2015-04-18 11:19:23 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-04-18 11:14:49 ----D---- C:\windows\Prefetch
2015-04-18 11:10:28 ----D---- C:\Program Files (x86)
2015-04-18 11:10:27 ----HD---- C:\ProgramData
2015-04-18 11:07:56 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2015-04-18 00:49:08 ----SHD---- C:\System Volume Information
2015-04-17 21:35:54 ----D---- C:\Users\Michal\AppData\Roaming\TS3Client
2015-04-17 20:28:59 ----D---- C:\Program Files (x86)\Steam
2015-04-17 19:27:15 ----D---- C:\windows\system32\Tasks
2015-04-17 02:16:12 ----D---- C:\windows\AppCompat
2015-04-16 22:27:03 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2015-04-16 21:25:29 ----SHD---- C:\windows\Installer
2015-04-16 21:25:29 ----D---- C:\ProgramData\Skype
2015-04-16 15:09:42 ----D---- C:\Windows
2015-04-16 01:03:38 ----D---- C:\windows\Microsoft.NET
2015-04-16 01:02:12 ----RSD---- C:\windows\assembly
2015-04-15 22:48:43 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-04-15 21:48:29 ----D---- C:\windows\SysWOW64
2015-04-15 15:56:56 ----D---- C:\windows\winsxs
2015-04-15 08:53:26 ----D---- C:\windows\SYSWOW64\en-US
2015-04-15 08:53:25 ----D---- C:\windows\system32\en-US
2015-04-15 08:53:25 ----D---- C:\windows\PolicyDefinitions
2015-04-15 08:53:23 ----SD---- C:\windows\system32\CompatTel
2015-04-15 08:53:21 ----D---- C:\windows\system32\appraiser
2015-04-15 08:53:20 ----D---- C:\windows\AppPatch
2015-04-15 08:53:03 ----D---- C:\windows\system32\drivers
2015-04-15 08:53:00 ----D---- C:\Program Files\Internet Explorer
2015-04-15 08:52:52 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 08:21:48 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 08:20:04 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 08:15:34 ----D---- C:\windows\system32\MRT
2015-04-15 08:03:36 ----D---- C:\windows\debug
2015-04-15 08:03:27 ----A---- C:\windows\system32\MRT.exe
2015-04-14 22:00:31 ----D---- C:\windows\system32\catroot2
2015-04-14 21:40:09 ----D---- C:\windows\system32\NDF
2015-04-12 19:21:10 ----D---- C:\ProgramData\PDFC
2015-04-06 11:44:33 ----D---- C:\Program Files (x86)\Opera
2015-04-06 11:43:45 ----D---- C:\Program Files\Recuva
2015-04-06 11:39:41 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-04-06 11:38:54 ----RD---- C:\Program Files (x86)\Skype
2015-04-06 11:36:17 ----A---- C:\windows\MoZiLive.ini
2015-04-06 11:35:27 ----D---- C:\ProgramData\Hewlett-Packard
2015-04-06 11:35:26 ----D---- C:\Program Files\Hewlett-Packard
2015-04-06 11:33:10 ----D---- C:\Program Files (x86)\Common Files
2015-04-06 11:22:35 ----D---- C:\Program Files (x86)\ArcSoft
2015-04-06 11:22:25 ----D---- C:\Users\Michal\AppData\Roaming\ArcSoft
2015-04-04 11:54:17 ----D---- C:\windows\Logs
2015-04-04 11:49:19 ----D---- C:\Users\Michal\AppData\Roaming\Spotify
2015-03-26 12:24:37 ----D---- C:\Program Files (x86)\DOSBox-0.74
2015-03-26 11:06:48 ----D---- C:\windows\system32\wbem
2015-03-23 06:45:15 ----D---- C:\Program Files (x86)\Hearthstone
2015-03-23 06:41:36 ----D---- C:\Program Files (x86)\Battle.net

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\windows\system32\DRIVERS\amdkmpfd.sys [2014-10-28 62152]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-01-27 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-02-09 168008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-07 283200]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 cpuz135;cpuz135; \??\C:\windows\system32\drivers\cpuz135_x64.sys [2010-12-27 21992]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-01-27 43320]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2012-08-19 88728]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2012-08-19 344216]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2012-08-19 114840]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2012-08-19 33944]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2012-08-19 178840]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2012-08-19 77464]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2012-08-19 135832]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2012-08-19 567808]
R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-12-03 25912]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-01-27 12273408]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2013-03-09 175928]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2013-02-09 708200]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2011-01-12 2611704]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2013-05-04 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-05-04 468720]
S3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 andnetadb;ADB Interface DriverNet; C:\windows\System32\Drivers\lgandnetadb.sys [2012-07-03 31744]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\windows\system32\DRIVERS\lgandnetdiag64.sys [2012-07-03 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\windows\system32\DRIVERS\lgandnetmodem64.sys [2012-07-03 36352]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; C:\windows\system32\DRIVERS\lgandnetndis64.sys [2012-07-04 93184]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys []
S3 athur;Wireless Network Adapter Service; C:\windows\system32\DRIVERS\athurx.sys [2011-04-20 1930240]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336]
S3 dc3d;MS Hardware Device Detection Driver; C:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-01-27 12273408]
S3 KMWDFILTER;Eastern Times KM DRIVER; C:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-12-04 20992]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\windows\system32\drivers\massfilter.sys []
S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\windows\system32\DRIVERS\netr28ux.sys [2009-05-25 966144]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 NuidFltr;NUID filter driver; C:\windows\system32\DRIVERS\NuidFltr.sys [2011-08-01 23960]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Point64;Microsoft IntelliPoint Filter Driver; C:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SNP325;USB PC Camera (SNPSTD325); C:\windows\system32\DRIVERS\snp325.sys [2007-11-22 10733184]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 tap0901;TAP-Windows Adapter V9; C:\windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\windows\system32\DRIVERS\taphss6.sys [2014-05-17 42184]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbbus;LGE Mobile Composite USB Device; C:\windows\system32\DRIVERS\lgx64bus.sys [2012-03-02 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\windows\system32\DRIVERS\lgx64diag.sys [2012-03-02 28160]
S3 USBModem;LGE Mobile USB Modem; C:\windows\system32\DRIVERS\lgx64modem.sys [2012-03-02 34816]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-05-04 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-19 211584]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-02-12 481104]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-29 281656]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-01-27 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-05-04 323072]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-04-05 1094712]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 268464]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-02-04 464480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-24 834752]
S4 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]

-----------------EOF-----------------

#8 Příspěvek od **Rudy** » 18 dub 2015 11:32

Smazáno. Nastala nějaká změna?

Edon · #9 Příspěvek od **Edon** » 18 dub 2015 11:43

Zatial to vyzera OK uvidime do vecera ked tak este napisem. Zatial dakujem

Moze robit problemy aj to ze mam volne len priblizne 6-7GB pamati?

#10 Příspěvek od **Rudy** » 18 dub 2015 14:17

6-7GB (podle posledního logu 8GB) je sice na hranici minima, nicméně by to asi při 4GB RAM neměl být problém. Pouze uvažujte o přesunutí některých vašich dat na jiné úložiště, nebo odinstalaci nepoužívaných programů. Zatím není zač!

Edon · #11 Příspěvek od **Edon** » 23 dub 2015 22:18

Tak teraz zase :/ aj len otvaranie zloziek mu trva dlho. Co mozme skusit dalej? Dakujem za rady

#12 Příspěvek od **Rudy** » 24 dub 2015 16:30

Jak velké je nyní volné místo na systémovém disku?

Edon · #13 Příspěvek od **Edon** » 02 kvě 2015 19:23

Miesto je okolo 10GB ale teraz som si to vsimol znova vsetko slape ako ma a zrazu proces svchost zacne zrat v pohode aj 1 - 1,3 gb ramky. Nechapem co to moze sposobovat

#14 Příspěvek od **Rudy** » 02 kvě 2015 20:24

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Edon · #15 Příspěvek od **Edon** » 02 kvě 2015 21:28

Vyzera ze to nic poriadne nenaslo :/

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2. 5. 2015
Scan Time: 21:39:47
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.02.04
Rootkit Database: v2015.04.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Michal

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356392
Time Elapsed: 47 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 1
PUP.Optional.CertifiedToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), http://search.certified-toolbar.com?si= ... =2938&q=%s, , [8e4e06882f5bc5717172f407f40f40c0]

Registry Data: 1
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-3200887678-1196560047-2310436280-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), http://search.certified-toolbar.com?si= ... =2938&q=%s, Good: (www.google.com), Bad: (http://search.certified-toolbar.com?si= ... =2938&q=%s),,[ebf1e6a81377c67028c564ac8b7b5da3]

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.SilentInstall.A, C:\ProgramData\Breowse2savue\uninstall.exe, , [0ad2513df7937eb8a895c378e1208c74],

Physical Sectors: 0
(No malicious items detected)

(end)

VIRY.CZ

Spomalene PC win 7 - prosim o kontrolu

Spomalene PC win 7 - prosim o kontrolu

Re: Spomalene PC win 7 - prosim o kontrolu

Re: Spomalene PC win 7 - prosim o kontrolu

Re: Spomalene PC win 7 - prosim o kontrolu

Re: Spomalene PC win 7 - prosim o kontrolu

Re: Spomalene PC win 7 - prosim o kontrolu

Re: Spomalene PC win 7 - prosim o kontrolu

Re: Spomalene PC win 7 - prosim o kontrolu

Re: Spomalene PC win 7 - prosim o kontrolu

Re: Spomalene PC win 7 - prosim o kontrolu

Re: Spomalene PC win 7 - prosim o kontrolu

Re: Spomalene PC win 7 - prosim o kontrolu

Re: Spomalene PC win 7 - prosim o kontrolu

Re: Spomalene PC win 7 - prosim o kontrolu

Re: Spomalene PC win 7 - prosim o kontrolu