
Network problems


#1 Post by seten »

Please check my log. On Tuesday I noticed problems with the chat in Google's webmail: it would not connect, even though it worked on another PC. After a restart, even the page mail.google.com would not load for me. I then scanned the PC with NOD32, which found nothing, and Spybot did not detect anything critical either. Yesterday it happened a few times that the internet connection dropped; I was only able to ping local devices, even though the internet was working for everyone else. Switching over to Wi-Fi or resetting the network connection helped.

Thanks.

S.


Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2014-05-29 09:04:05
Microsoft Windows 8.1 Pro
System drive C: has 7 GB (11%) free of 60 GB
Total RAM: 8106 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:04:11, on 29. 5. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17037)
Boot mode: Normal

Running processes:
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [TrueCrypt] "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon /a favorites
O4 - HKCU\..\Run: [HP Officejet Pro 8500 A910 (NET)] "C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" -deviceID "CN08JBM0XQ:NW" -scfn "HP Officejet Pro 8500 A910 (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: vpngui.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = domena.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = domena.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = domena2.local,domena2.local,domena.local,.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = domena2.local,domena2.local,domena.local,.
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem51.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11645 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
dashost.exe {94e68946-efb5-49aa-88ec2f2d61df4b34}
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-399fe034-9769-4c1e-bce8-41ac4eccaf79 -SystemEventPortName:HostProcess-4aee653c-2f6b-4fa7-b542-e30691670ad4 -IoCancelEventPortName:HostProcess-48829f6d-f336-4d2d-a5f7-91eb13d8790c -NonStateChangingEventPortName:HostProcess-84cfa397-05c6-4770-ac32-dd5f0ec67db9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:28c138e1-97fb-413b-8b5d-085826c5f8e4 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-23f0b6b5-db29-447e-b92f-80f914595f51 -SystemEventPortName:HostProcess-b4e2c80f-3b54-47fc-972c-a8dfc5999591 -IoCancelEventPortName:HostProcess-979e06e0-9343-4d3d-b77d-ab3ce16036eb -NonStateChangingEventPortName:HostProcess-2e62c632-8418-4226-b83e-6c6fa3b7cc28 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:57993665-cf20-4053-acca-7fb1969ee089 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2a386be2-ce0d-4a21-a734-6f3bdabbf003 -SystemEventPortName:HostProcess-dc693eda-dd70-4472-a8ac-e11785f64f0e -IoCancelEventPortName:HostProcess-ffc5184c-7726-4471-80e5-9b69b007601f -NonStateChangingEventPortName:HostProcess-6a03d5a2-5077-4452-ba3e-25bbaf671a2a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4fd367b4-173b-4277-980f-f1ca0400d10a -DeviceGroupId:

winlogon.exe
"dwm.exe"
taskhostex.exe
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon /a favorites
"C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" -deviceID "CN08JBM0XQ:NW" -scfn "HP Officejet Pro 8500 A910 (NET)" -AutoStart 1
"C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
taskeng.exe {DFB38BAD-BF14-4BCD-B46D-B4CE59B4470B}
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1760.0.206250824\1900103417" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE"
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1760.5.1705853410\2004158708" /prefetch:673131151
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1760.7.1333736384\1958055698" /prefetch:673131151
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1760.9.1398828768\1695542613" /prefetch:673131151
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1760.11.954498987\1997571921" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1760.12.977683831\380172021" --ppapi-flash-args --lang=en-US --ignored=" --type=renderer " /prefetch:-632637702
"C:\totalcmd\TOTALCMD64.EXE"
taskeng.exe {DD8826C6-A677-4EB2-9B21-16B068F69AA3}

C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 560 564 572 65536 568

"C:\Users\user\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3573096250-3221339822-3781339408-2138Core.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3573096250-3221339822-3781339408-2138UA.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-04-25 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-04-08 2333400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-04-25 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-02-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-04-08 1728216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-02-14 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-30 171992]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-30 399832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-30 442328]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [2014-03-04 74288]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"=C:\Program Files\TrueCrypt\TrueCrypt.exe [2014-02-13 1516496]
"HP Officejet Pro 8500 A910 (NET)"=C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-15 116648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2013-07-19 703888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-04-25 4101584]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\GIGABYTE\vivoTVScheduleAgent.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
vpngui.exe.lnk - C:\WINDOWS\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-30 442880]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-05-29 09:04:06 ----D---- C:\Program Files\trend micro
2014-05-29 09:04:05 ----D---- C:\rsit
2014-05-28 17:53:01 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-05-28 17:53:01 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-05-28 17:53:00 ----A---- C:\WINDOWS\system32\twinui.dll
2014-05-28 17:52:59 ----A---- C:\WINDOWS\system32\shell32.dll
2014-05-28 17:52:58 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-05-28 17:52:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-05-28 17:52:56 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-05-28 17:52:55 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-05-28 17:52:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2014-05-28 17:52:53 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-05-28 17:52:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-05-28 17:52:52 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\gpsvc.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\win32k.sys
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\localspl.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\winmde.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\mfsvr.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\gpprefcl.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\SYSWOW64\gpprefcl.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\XpsGdiConverter.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\wmpmde.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\services.exe
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\XpsGdiConverter.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\srvsvc.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\MDEServer.exe
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-05-28 17:52:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\rdpencom.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\VSSVC.exe
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\swprv.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\resutils.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\ploptin.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\gpapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\dwmapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\defragsvc.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\wscsvc.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\wintrust.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\srcore.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\rpchttp.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\propsys.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfps.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfpmp.exe
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfplat.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mf.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\energyprov.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\clusapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\srclient.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlansvc.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlansec.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanapi.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\tsgqec.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\tlscsp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\srclient.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\rstrui.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\mispace.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-05-28 17:48:09 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2014-05-27 16:43:16 ----A---- C:\WINDOWS\system32\sdnclean64.exe
2014-05-27 16:43:10 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-05-27 16:42:52 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-27 13:21:20 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-27 13:09:15 ----D---- C:\Program Files\CCleaner
2014-05-27 12:15:57 ----D---- C:\ProgramData\ESET
2014-05-27 12:15:57 ----D---- C:\Program Files\ESET
2014-05-24 16:09:25 ----D---- C:\Users\user\AppData\Roaming\KWorld Multimedia
2014-05-24 16:00:42 ----D---- C:\Program Files (x86)\GIGABYTE
2014-05-24 15:59:48 ----A---- C:\WINDOWS\SYSWOW64\RTKISDBTSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\SuperFrameSplitter.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTL283XACCESS.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKISDBT.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKFMSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKFM.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDABSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDABMWare.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDAB.dll
2014-05-24 15:59:42 ----D---- C:\WINDOWS\RTL
2014-05-22 19:04:10 ----D---- C:\Users\user\AppData\Roaming\Mozilla
2014-05-17 10:23:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-05-14 15:14:52 ----A---- C:\WINDOWS\SYSWOW64\wusa.exe
2014-05-14 15:14:52 ----A---- C:\WINDOWS\system32\wusa.exe
2014-05-14 15:14:49 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-05-14 15:14:48 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-05-14 15:14:47 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-05-14 15:14:18 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-05-14 15:14:18 ----A---- C:\WINDOWS\system32\storewuauth.dll
2014-05-14 15:14:16 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-05-14 15:14:14 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\ubpm.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wups.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 15:14:03 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-05-14 15:14:03 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-05-14 15:14:02 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-05-14 15:14:01 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\SYSWOW64\mrt100.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\SYSWOW64\mrt_map.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\system32\mrt100.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\system32\mrt_map.dll
2014-05-11 17:59:49 ----D---- C:\Program Files (x86)\Technitium
2014-05-05 08:54:06 ----D---- C:\Users\user\AppData\Roaming\VitySoft
2014-04-30 19:46:10 ----D---- C:\Users\user\AppData\Roaming\pdfforge
2014-04-30 19:46:04 ----A---- C:\WINDOWS\system32\pdfcmon.dll
2014-04-30 19:46:02 ----D---- C:\Program Files (x86)\PDFCreator
2014-04-30 19:46:02 ----A---- C:\WINDOWS\SYSWOW64\MSMPIDE.DLL

======List of files/folders modified in the last 1 month======

2014-05-29 09:04:06 ----RD---- C:\Program Files
2014-05-29 09:03:45 ----D---- C:\WINDOWS\Temp
2014-05-29 09:03:13 ----HD---- C:\Program Files\WindowsApps
2014-05-29 09:02:01 ----D---- C:\WINDOWS\system32\sru
2014-05-29 08:58:34 ----D---- C:\WINDOWS\Prefetch
2014-05-29 08:57:55 ----RD---- C:\WINDOWS\System32
2014-05-29 08:57:55 ----D---- C:\WINDOWS\Inf
2014-05-29 08:57:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-29 08:56:16 ----D---- C:\WINDOWS\AppReadiness
2014-05-28 18:05:05 ----HD---- C:\ProgramData
2014-05-28 18:05:03 ----D---- C:\WINDOWS\system32\config
2014-05-28 18:05:03 ----D---- C:\Windows
2014-05-28 18:05:02 ----D---- C:\WINDOWS\Microsoft.NET
2014-05-28 18:04:59 ----D---- C:\WINDOWS\WinSxS
2014-05-28 18:03:59 ----D---- C:\WINDOWS\system32\drivers
2014-05-28 18:01:51 ----RD---- C:\WINDOWS\ToastData
2014-05-28 18:01:51 ----D---- C:\WINDOWS\SysWOW64
2014-05-28 18:01:50 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\oobe
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\drivers\en-US
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2014-05-28 18:01:47 ----D---- C:\WINDOWS\system32\DriverStore
2014-05-28 17:57:33 ----D---- C:\WINDOWS\CbsTemp
2014-05-28 17:48:53 ----D---- C:\WINDOWS\system32\catroot2
2014-05-28 17:24:43 ----D---- C:\WINDOWS\system32\drivers\etc
2014-05-28 15:28:58 ----D---- C:\Users\user\AppData\Roaming\Skype
2014-05-28 14:13:27 ----SHD---- C:\WINDOWS\Installer
2014-05-28 14:13:27 ----SHD---- C:\Config.Msi
2014-05-28 14:13:17 ----SHD---- C:\System Volume Information
2014-05-28 13:11:33 ----RSD---- C:\WINDOWS\assembly
2014-05-28 10:28:47 ----D---- C:\WINDOWS\system32\FxsTmp
2014-05-28 09:28:33 ----D---- C:\WINDOWS\Logs
2014-05-28 09:16:03 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-05-27 16:43:39 ----D---- C:\WINDOWS\system32\Tasks
2014-05-27 16:43:32 ----SD---- C:\ProgramData\Microsoft
2014-05-27 16:42:52 ----RD---- C:\Program Files (x86)
2014-05-27 16:22:34 ----D---- C:\WINDOWS\system32\wdi
2014-05-27 16:19:46 ----D---- C:\WINDOWS\SoftwareDistribution
2014-05-27 13:14:51 ----DC---- C:\WINDOWS\Panther
2014-05-27 13:14:51 ----D---- C:\WINDOWS\Minidump
2014-05-27 13:14:51 ----D---- C:\WINDOWS\debug
2014-05-27 11:39:40 ----D---- C:\Users\user\AppData\Roaming\Dropbox
2014-05-24 23:47:42 ----D---- C:\Users\user\AppData\Roaming\vlc
2014-05-24 16:00:42 ----RSD---- C:\WINDOWS\Fonts
2014-05-24 15:59:44 ----D---- C:\WINDOWS\system32\catroot
2014-05-18 14:36:26 ----D---- C:\WINDOWS\rescache
2014-05-17 12:28:09 ----D---- C:\ProgramData\Microsoft Help
2014-05-17 00:22:48 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2014-05-17 00:22:47 ----D---- C:\Program Files\Windows Defender
2014-05-17 00:22:47 ----D---- C:\Program Files (x86)\Windows Defender
2014-05-17 00:22:46 ----D---- C:\WINDOWS\WinStore
2014-05-17 00:22:46 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-05-17 00:22:46 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-05-17 00:22:46 ----D---- C:\WINDOWS\system32\cs-CZ
2014-05-17 00:22:45 ----D---- C:\WINDOWS\system32\en-US
2014-05-17 00:22:44 ----D---- C:\WINDOWS\apppatch
2014-05-15 09:28:06 ----D---- C:\WINDOWS\system32\MRT
2014-05-15 09:26:54 ----A---- C:\WINDOWS\system32\MRT.exe
2014-05-15 09:17:48 ----A---- C:\WINDOWS\win.ini
2014-05-09 17:45:50 ----D---- C:\WINDOWS\system32\NDF
2014-05-07 09:41:39 ----D---- C:\Users\user\AppData\Roaming\VMware

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2013-09-17 239296]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwr64v.sys [2014-03-07 20736]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2014-02-13 231376]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\drivers\hcmon.sys [2012-07-06 47768]
R3 CnxtHdAudService;@oem52.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2011-03-24 1576064]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]
R3 dc3d;@oem26.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys [2011-05-18 47616]
R3 DNE;@oem29.inf,%DneMP_Desc%;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-30 5363200]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem20.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;@netwsw00.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwsw00.sys [2013-06-18 11518976]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2013-08-22 11776]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-04-24 460528]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 acsock;acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [2013-07-19 112080]
S3 androidusb;@oem24.inf,%SAMSUNG.Adb.SvcDesc%;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\WINDOWS\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 FTDIBUS;@oem33.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2013-05-08 76648]
S3 FTSER2K;@oem34.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2013-05-08 85864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 RSPCIESTOR;@oem19.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2011-05-04 338536]
S3 RTL2832UBDA;@oem42.inf,%RTLUSBDEV.BDA_Desc%;REALTEK 2832U BDA Driver; C:\WINDOWS\system32\drivers\RTL2832UBDA.sys [2014-05-24 237968]
S3 RTL2832UUSB;@oem42.inf,%RTLUSBDEV.USB_Desc%;REALTEK 2832U USB Driver; C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys [2014-05-24 39056]
S3 ssadbus;@oem23.inf,%SAMSUNG.Service.Desc%;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\System32\drivers\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;@oem27.inf,%Samsung.Filter.Name%;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;@oem27.inf,%Samsung.Service.Name%;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;@oem28.inf,%Samsung.Service.Name%;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-22 33280]
S3 vpnva;@oem2.inf,%VPNVA64_Desc%;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64; C:\WINDOWS\system32\DRIVERS\vpnva64-6.sys [2013-07-19 52080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-02-13 43696]
R2 IBMPMSVC;@oem51.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-03-10 2085184]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2013-12-11 468288]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-02 4972864]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-07-06 856728]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2013-07-19 557968]
R3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2014-03-07 1669976]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-14 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-03-04 573488]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-14 116648]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2014-03-04 512048]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2014-03-04 527920]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-03-04 702512]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-04-25 1738200]
S3 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-04-25 2081752]
S3 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-02-21 24120]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119541
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Network problems

#2 Post by Rudy »

Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop.
Close all programs.
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

seten
Visitor
Posts: 30
Registered: 23 Mar 2009 14:00

Re: Network problems

#3 Post by seten »

Thanks for the advice. The problem hasn't shown up today so far, but I have a bad feeling about it :)

The requested log:

# AdwCleaner v3.211 - Report created 29/05/2014 at 21:23:38
# Updated 26/05/2014 by Xplode
# Operating System : Windows 8.1 Pro (64 bits)
# Username : user - EC4
# Running from : C:\Users\user\Desktop\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\user\AppData\Roaming\pdfforge

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\Software\Software

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17037


-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [880 octets] - [29/05/2014 21:22:09]
AdwCleaner[S0].txt - [808 octets] - [29/05/2014 21:23:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [867 octets] ##########

Rudy
Site Admin
Posts: 119541
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Network problems

#4 Post by Rudy »

Post a new RSIT log.

seten
Visitor
Posts: 30
Registered: 23 Mar 2009 14:00

Re: Network problems

#5 Post by seten »

Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2014-05-29 22:02:31
Microsoft Windows 8.1 Pro
System drive C: has 7 GB (11%) free of 60 GB
Total RAM: 8106 MB (87% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:02:45, on 29. 5. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17037)
Boot mode: Normal

Running processes:
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [TrueCrypt] "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon /a favorites
O4 - HKCU\..\Run: [HP Officejet Pro 8500 A910 (NET)] "C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" -deviceID "CN08JBM0XQ:NW" -scfn "HP Officejet Pro 8500 A910 (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: vpngui.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = domena.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = domena.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = domena2.local,domena2.local,domena.local,.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = domena2.local,domena2.local,domena.local,.
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem51.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11158 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
dashost.exe {1353842d-fe2c-481e-9cdaf35809ddacbe}
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8317ea6a-6ae7-4b06-844b-6ea9d299537e -SystemEventPortName:HostProcess-fa357f7d-cb1b-4690-b23f-d5cb1a6c15e6 -IoCancelEventPortName:HostProcess-e903df43-9960-489b-ae08-d5c3fa5236de -NonStateChangingEventPortName:HostProcess-bd5bb710-9835-4404-bd9a-4ad7b6328ba4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2e774776-4cd7-42ca-95f6-8f65f085960a -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c78cfb38-e52c-499e-a727-fe8ccc0ef383 -SystemEventPortName:HostProcess-b6fa9d8c-5d10-427a-af7b-690cc43585b9 -IoCancelEventPortName:HostProcess-eeb9aaae-bc45-4dd6-a519-e561fc2aeb03 -NonStateChangingEventPortName:HostProcess-fccf2d60-2eff-4c1d-a2f6-8076499317cc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0fe8b4b1-1584-4cc3-b042-5045fe1a3214 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3c26802a-ed49-414e-9f73-e7c831199a13 -SystemEventPortName:HostProcess-a227b0de-c4a5-40de-8183-dc6f7527608d -IoCancelEventPortName:HostProcess-14f7d1bc-5172-4a44-86bb-3605af2ae08a -NonStateChangingEventPortName:HostProcess-9fadb5ee-6f5a-4fa5-ae8f-b9b16bd919ae -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:983574a4-610f-4e3b-8a37-bdd39ad97603 -DeviceGroupId:
taskhostex.exe
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon /a favorites
"C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" -deviceID "CN08JBM0XQ:NW" -scfn "HP Officejet Pro 8500 A910 (NET)" -AutoStart 1
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
taskeng.exe {699E2345-FBBA-4A89-A90C-5E342DB15A94}

"C:\Users\user\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3573096250-3221339822-3781339408-2138Core.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3573096250-3221339822-3781339408-2138UA.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-04-25 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-04-08 2333400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-04-25 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-02-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-04-08 1728216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-02-14 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-30 171992]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-30 399832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-30 442328]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [2014-03-04 74288]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"=C:\Program Files\TrueCrypt\TrueCrypt.exe [2014-02-13 1516496]
"HP Officejet Pro 8500 A910 (NET)"=C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-15 116648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2013-07-19 703888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-04-25 4101584]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\GIGABYTE\vivoTVScheduleAgent.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
vpngui.exe.lnk - C:\WINDOWS\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-30 442880]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-05-29 21:22:34 ----A---- C:\WINDOWS\SYSWOW64\sqlite3.dll
2014-05-29 21:22:04 ----D---- C:\AdwCleaner
2014-05-29 09:04:06 ----D---- C:\Program Files\trend micro
2014-05-29 09:04:05 ----D---- C:\rsit
2014-05-28 17:53:01 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-05-28 17:53:01 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-05-28 17:53:00 ----A---- C:\WINDOWS\system32\twinui.dll
2014-05-28 17:52:59 ----A---- C:\WINDOWS\system32\shell32.dll
2014-05-28 17:52:58 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-05-28 17:52:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-05-28 17:52:56 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-05-28 17:52:55 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-05-28 17:52:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2014-05-28 17:52:53 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-05-28 17:52:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-05-28 17:52:52 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\gpsvc.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\win32k.sys
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\localspl.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\winmde.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\mfsvr.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\gpprefcl.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\SYSWOW64\gpprefcl.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\XpsGdiConverter.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\wmpmde.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\services.exe
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\XpsGdiConverter.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\srvsvc.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\MDEServer.exe
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-05-28 17:52:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\rdpencom.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\VSSVC.exe
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\swprv.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\resutils.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\ploptin.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\gpapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\dwmapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\defragsvc.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\wscsvc.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\wintrust.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\srcore.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\rpchttp.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\propsys.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfps.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfpmp.exe
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfplat.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mf.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\energyprov.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\clusapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\srclient.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlansvc.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlansec.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanapi.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\tsgqec.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\tlscsp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\srclient.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\rstrui.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\mispace.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-05-28 17:48:09 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2014-05-27 16:43:16 ----A---- C:\WINDOWS\system32\sdnclean64.exe
2014-05-27 16:43:10 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-05-27 16:42:52 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-27 13:21:20 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-27 13:09:15 ----D---- C:\Program Files\CCleaner
2014-05-27 12:15:57 ----D---- C:\ProgramData\ESET
2014-05-27 12:15:57 ----D---- C:\Program Files\ESET
2014-05-24 16:09:25 ----D---- C:\Users\user\AppData\Roaming\KWorld Multimedia
2014-05-24 16:00:42 ----D---- C:\Program Files (x86)\GIGABYTE
2014-05-24 15:59:48 ----A---- C:\WINDOWS\SYSWOW64\RTKISDBTSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\SuperFrameSplitter.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTL283XACCESS.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKISDBT.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKFMSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKFM.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDABSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDABMWare.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDAB.dll
2014-05-24 15:59:42 ----D---- C:\WINDOWS\RTL
2014-05-22 19:04:10 ----D---- C:\Users\user\AppData\Roaming\Mozilla
2014-05-17 10:23:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-05-14 15:14:52 ----A---- C:\WINDOWS\SYSWOW64\wusa.exe
2014-05-14 15:14:52 ----A---- C:\WINDOWS\system32\wusa.exe
2014-05-14 15:14:49 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-05-14 15:14:48 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-05-14 15:14:47 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-05-14 15:14:18 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-05-14 15:14:18 ----A---- C:\WINDOWS\system32\storewuauth.dll
2014-05-14 15:14:16 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-05-14 15:14:14 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\ubpm.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wups.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 15:14:03 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-05-14 15:14:03 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-05-14 15:14:02 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-05-14 15:14:01 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\SYSWOW64\mrt100.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\SYSWOW64\mrt_map.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\system32\mrt100.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\system32\mrt_map.dll
2014-05-11 17:59:49 ----D---- C:\Program Files (x86)\Technitium
2014-05-05 08:54:06 ----D---- C:\Users\user\AppData\Roaming\VitySoft
2014-04-30 19:46:04 ----A---- C:\WINDOWS\system32\pdfcmon.dll
2014-04-30 19:46:02 ----D---- C:\Program Files (x86)\PDFCreator
2014-04-30 19:46:02 ----A---- C:\WINDOWS\SYSWOW64\MSMPIDE.DLL

======List of files/folders modified in the last 1 month======

2014-05-29 22:00:13 ----D---- C:\WINDOWS\Temp
2014-05-29 22:00:00 ----D---- C:\WINDOWS\system32\sru
2014-05-29 21:31:01 ----RD---- C:\WINDOWS\System32
2014-05-29 21:31:01 ----D---- C:\WINDOWS\Inf
2014-05-29 21:31:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-29 21:25:02 ----D---- C:\Windows
2014-05-29 21:23:55 ----D---- C:\WINDOWS\Prefetch
2014-05-29 21:22:34 ----D---- C:\WINDOWS\SysWOW64
2014-05-29 21:10:23 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-05-29 17:37:13 ----D---- C:\Users\user\AppData\Roaming\Skype
2014-05-29 15:34:29 ----D---- C:\WINDOWS\system32\FxsTmp
2014-05-29 10:57:30 ----D---- C:\WINDOWS\Microsoft.NET
2014-05-29 09:23:04 ----D---- C:\WINDOWS\system32\drivers\etc
2014-05-29 09:04:06 ----RD---- C:\Program Files
2014-05-29 09:03:13 ----HD---- C:\Program Files\WindowsApps
2014-05-29 09:03:13 ----D---- C:\WINDOWS\AppReadiness
2014-05-29 09:00:04 ----D---- C:\WINDOWS\system32\config
2014-05-28 18:05:05 ----HD---- C:\ProgramData
2014-05-28 18:04:59 ----D---- C:\WINDOWS\WinSxS
2014-05-28 18:03:59 ----D---- C:\WINDOWS\system32\drivers
2014-05-28 18:01:51 ----RD---- C:\WINDOWS\ToastData
2014-05-28 18:01:50 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\oobe
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\drivers\en-US
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2014-05-28 18:01:47 ----D---- C:\WINDOWS\system32\DriverStore
2014-05-28 17:57:57 ----D---- C:\WINDOWS\CbsTemp
2014-05-28 17:48:53 ----D---- C:\WINDOWS\system32\catroot2
2014-05-28 14:13:27 ----SHD---- C:\WINDOWS\Installer
2014-05-28 14:13:27 ----SHD---- C:\Config.Msi
2014-05-28 14:13:17 ----SHD---- C:\System Volume Information
2014-05-28 13:11:33 ----RSD---- C:\WINDOWS\assembly
2014-05-28 09:28:33 ----D---- C:\WINDOWS\Logs
2014-05-27 16:43:39 ----D---- C:\WINDOWS\system32\Tasks
2014-05-27 16:43:32 ----SD---- C:\ProgramData\Microsoft
2014-05-27 16:42:52 ----RD---- C:\Program Files (x86)
2014-05-27 16:22:34 ----D---- C:\WINDOWS\system32\wdi
2014-05-27 16:19:46 ----D---- C:\WINDOWS\SoftwareDistribution
2014-05-27 13:14:51 ----DC---- C:\WINDOWS\Panther
2014-05-27 13:14:51 ----D---- C:\WINDOWS\Minidump
2014-05-27 13:14:51 ----D---- C:\WINDOWS\debug
2014-05-27 11:39:40 ----D---- C:\Users\user\AppData\Roaming\Dropbox
2014-05-24 23:47:42 ----D---- C:\Users\user\AppData\Roaming\vlc
2014-05-24 16:00:42 ----RSD---- C:\WINDOWS\Fonts
2014-05-24 15:59:44 ----D---- C:\WINDOWS\system32\catroot
2014-05-18 14:36:26 ----D---- C:\WINDOWS\rescache
2014-05-17 12:28:09 ----D---- C:\ProgramData\Microsoft Help
2014-05-17 00:22:48 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2014-05-17 00:22:47 ----D---- C:\Program Files\Windows Defender
2014-05-17 00:22:47 ----D---- C:\Program Files (x86)\Windows Defender
2014-05-17 00:22:46 ----D---- C:\WINDOWS\WinStore
2014-05-17 00:22:46 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-05-17 00:22:46 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-05-17 00:22:46 ----D---- C:\WINDOWS\system32\cs-CZ
2014-05-17 00:22:45 ----D---- C:\WINDOWS\system32\en-US
2014-05-17 00:22:44 ----D---- C:\WINDOWS\apppatch
2014-05-15 09:28:06 ----D---- C:\WINDOWS\system32\MRT
2014-05-15 09:26:54 ----A---- C:\WINDOWS\system32\MRT.exe
2014-05-15 09:17:48 ----A---- C:\WINDOWS\win.ini
2014-05-09 17:45:50 ----D---- C:\WINDOWS\system32\NDF
2014-05-07 09:41:39 ----D---- C:\Users\user\AppData\Roaming\VMware

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2013-09-17 239296]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwr64v.sys [2014-03-07 20736]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2014-02-13 231376]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\drivers\hcmon.sys [2012-07-06 47768]
R3 CnxtHdAudService;@oem52.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2011-03-24 1576064]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]
R3 DNE;@oem29.inf,%DneMP_Desc%;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-30 5363200]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem20.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;@netwsw00.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwsw00.sys [2013-06-18 11518976]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2013-08-22 11776]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-04-24 460528]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 acsock;acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [2013-07-19 112080]
S3 androidusb;@oem24.inf,%SAMSUNG.Adb.SvcDesc%;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\WINDOWS\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 dc3d;@oem26.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys [2011-05-18 47616]
S3 FTDIBUS;@oem33.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2013-05-08 76648]
S3 FTSER2K;@oem34.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2013-05-08 85864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 RSPCIESTOR;@oem19.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2011-05-04 338536]
S3 RTL2832UBDA;@oem42.inf,%RTLUSBDEV.BDA_Desc%;REALTEK 2832U BDA Driver; C:\WINDOWS\system32\drivers\RTL2832UBDA.sys [2014-05-24 237968]
S3 RTL2832UUSB;@oem42.inf,%RTLUSBDEV.USB_Desc%;REALTEK 2832U USB Driver; C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys [2014-05-24 39056]
S3 ssadbus;@oem23.inf,%SAMSUNG.Service.Desc%;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\System32\drivers\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;@oem27.inf,%Samsung.Filter.Name%;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;@oem27.inf,%Samsung.Service.Name%;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;@oem28.inf,%Samsung.Service.Name%;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-22 33280]
S3 vpnva;@oem2.inf,%VPNVA64_Desc%;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64; C:\WINDOWS\system32\DRIVERS\vpnva64-6.sys [2013-07-19 52080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-02-13 43696]
R2 IBMPMSVC;@oem51.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-03-10 2085184]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2013-12-11 468288]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-02 4972864]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-07-06 856728]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2013-07-19 557968]
R3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2014-03-07 1669976]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-14 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-03-04 573488]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-14 116648]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2014-03-04 512048]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2014-03-04 527920]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-03-04 702512]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-04-25 1738200]
S3 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-04-25 2081752]
S3 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-02-21 24120]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119541
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Network problems

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3573096250-3221339822-3781339408-2138Core.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3573096250-3221339822-3781339408-2138UA.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

seten
Visitor
Posts: 30
Registered: 23 Mar 2009 14:00

Re: Network problems

#7 Post by seten »

OTM did not run completely the first time, so I clicked Move It once more, and to be safe I am adding its log as well.

OTM:
All processes killed
Error: Unable to interpret <C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler> in the current context!
Error: Unable to interpret <C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3573096250-3221339822-3781339408-2138Core.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c> in the current context!
Error: Unable to interpret <C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3573096250-3221339822-3781339408-2138UA.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler > in the current context!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: user
->Temp folder emptied: 25638832 bytes
->Temporary Internet Files folder emptied: 31968398 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 245299220 bytes
->Flash cache emptied: 58489 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 47612 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 289,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: user
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 05302014_002304

Files moved on Reboot...
File C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\TWGJV09G\index[1].htm not found!
File C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE\TWGJV09G\meta[4].htm not found!
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
C:\WINDOWS\temp\vmware-SYSTEM\vmware-usbarb-1940.log moved successfully.

Registry entries deleted on Reboot...


RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2014-05-30 00:26:41
Microsoft Windows 8.1 Pro
System drive C: has 7 GB (11%) free of 60 GB
Total RAM: 8106 MB (86% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:26:44, on 30. 5. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17037)
Boot mode: Normal

Running processes:
C:\WINDOWS\SysWOW64\rundll32.exe
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [TrueCrypt] "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon /a favorites
O4 - HKCU\..\Run: [HP Officejet Pro 8500 A910 (NET)] "C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" -deviceID "CN08JBM0XQ:NW" -scfn "HP Officejet Pro 8500 A910 (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: vpngui.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = domena.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = domena.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = domena2.local,domena2.local,domena.local,.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = domena2.local,domena2.local,domena.local,.
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem51.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10899 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
dashost.exe {d2577670-a11e-47fd-8e8ab35e1e42bcc9}
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
taskeng.exe {EB4D2C04-87D4-4CBA-A9D0-3A7C678053AF}
taskhostex.exe
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8ee6cc7b-d618-4511-992c-3ac4b333a996 -SystemEventPortName:HostProcess-5525df9b-2e7c-4d37-9b67-84f11a09796d -IoCancelEventPortName:HostProcess-47d57956-8383-4a02-99a4-6f87c166b4ac -NonStateChangingEventPortName:HostProcess-31f8c491-50b9-4416-933e-f9c803456e31 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4f64f902-a66d-456c-ab9c-f1438162d96e -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e5150f6b-74fa-4159-b601-bc1b3dba3802 -SystemEventPortName:HostProcess-26495a89-a4ed-4773-93f4-70c68fe6177d -IoCancelEventPortName:HostProcess-7bc63433-b768-4e33-b5d5-636111cbf6a2 -NonStateChangingEventPortName:HostProcess-3caf9401-3038-44a6-8f90-e8e84da327c2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b445c3ff-e80e-4b0c-aa24-ef9d625df7d9 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-82cbfeee-0c06-4603-ae88-4459d174a520 -SystemEventPortName:HostProcess-77969ef3-d1be-4822-a05a-171ac172165c -IoCancelEventPortName:HostProcess-3d3fcc0f-1cac-478e-990d-2d6fd2950852 -NonStateChangingEventPortName:HostProcess-bfa97ff3-270a-4adc-938f-c67b99165f5a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:06968a8b-8540-4328-97fd-f3da85e7fddf -DeviceGroupId:
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"

"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\notepad.exe" C:\_OTM\MovedFiles\05302014_002304.log
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon /a favorites
"C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" -deviceID "CN08JBM0XQ:NW" -scfn "HP Officejet Pro 8500 A910 (NET)" -AutoStart 1
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
taskeng.exe {5191490C-44B8-4FEF-ACF2-7A97821BB7A6}
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"

"C:\Users\user\Downloads\RSITx64.exe"
"C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3573096250-3221339822-3781339408-2138Core.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3573096250-3221339822-3781339408-2138UA.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-04-25 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-04-08 2333400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-04-25 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-02-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-04-08 1728216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-02-14 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-30 171992]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-30 399832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-30 442328]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [2014-03-04 74288]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"=C:\Program Files\TrueCrypt\TrueCrypt.exe [2014-02-13 1516496]
"HP Officejet Pro 8500 A910 (NET)"=C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-15 116648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2013-07-19 703888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-04-25 4101584]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\GIGABYTE\vivoTVScheduleAgent.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
vpngui.exe.lnk - C:\WINDOWS\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-30 442880]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-05-30 00:22:16 ----D---- C:\_OTM
2014-05-29 21:22:34 ----A---- C:\WINDOWS\SYSWOW64\sqlite3.dll
2014-05-29 21:22:04 ----D---- C:\AdwCleaner
2014-05-29 09:04:06 ----D---- C:\Program Files\trend micro
2014-05-29 09:04:05 ----D---- C:\rsit
2014-05-28 17:53:01 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-05-28 17:53:01 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-05-28 17:53:00 ----A---- C:\WINDOWS\system32\twinui.dll
2014-05-28 17:52:59 ----A---- C:\WINDOWS\system32\shell32.dll
2014-05-28 17:52:58 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-05-28 17:52:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-05-28 17:52:56 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-05-28 17:52:55 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-05-28 17:52:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2014-05-28 17:52:53 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-05-28 17:52:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-05-28 17:52:52 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-05-28 17:52:51 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\gpsvc.dll
2014-05-28 17:52:50 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\win32k.sys
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-05-28 17:52:49 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-05-28 17:52:48 ----A---- C:\WINDOWS\system32\localspl.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\winmde.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\mfsvr.dll
2014-05-28 17:52:47 ----A---- C:\WINDOWS\system32\gpprefcl.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\SYSWOW64\gpprefcl.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\XpsGdiConverter.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\wmpmde.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\services.exe
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-05-28 17:52:46 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\XpsGdiConverter.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\srvsvc.dll
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\MDEServer.exe
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-05-28 17:52:45 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-05-28 17:52:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\rdpencom.dll
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-05-28 17:52:44 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\VSSVC.exe
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\swprv.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\resutils.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\ploptin.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\gpapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\dwmapi.dll
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-05-28 17:52:43 ----A---- C:\WINDOWS\system32\defragsvc.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\wscsvc.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\wintrust.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\srcore.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\rpchttp.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\propsys.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfps.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfpmp.exe
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mfplat.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\mf.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\energyprov.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\clusapi.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-05-28 17:52:42 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\srclient.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlansvc.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlansec.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\wlanapi.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\tsgqec.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\tlscsp.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\srclient.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\rstrui.exe
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\mispace.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2014-05-28 17:52:41 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-05-28 17:48:09 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2014-05-27 16:43:16 ----A---- C:\WINDOWS\system32\sdnclean64.exe
2014-05-27 16:43:10 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-05-27 16:42:52 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-27 13:21:20 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-27 13:09:15 ----D---- C:\Program Files\CCleaner
2014-05-27 12:15:57 ----D---- C:\ProgramData\ESET
2014-05-27 12:15:57 ----D---- C:\Program Files\ESET
2014-05-24 16:09:25 ----D---- C:\Users\user\AppData\Roaming\KWorld Multimedia
2014-05-24 16:00:42 ----D---- C:\Program Files (x86)\GIGABYTE
2014-05-24 15:59:48 ----A---- C:\WINDOWS\SYSWOW64\RTKISDBTSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\SuperFrameSplitter.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTL283XACCESS.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKISDBT.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKFMSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKFM.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDABSOURCE.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDABMWare.dll
2014-05-24 15:59:47 ----A---- C:\WINDOWS\SYSWOW64\RTKDAB.dll
2014-05-24 15:59:42 ----D---- C:\WINDOWS\RTL
2014-05-22 19:04:10 ----D---- C:\Users\user\AppData\Roaming\Mozilla
2014-05-17 10:23:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-05-14 15:14:52 ----A---- C:\WINDOWS\SYSWOW64\wusa.exe
2014-05-14 15:14:52 ----A---- C:\WINDOWS\system32\wusa.exe
2014-05-14 15:14:49 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-05-14 15:14:48 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-05-14 15:14:47 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-05-14 15:14:18 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-05-14 15:14:18 ----A---- C:\WINDOWS\system32\storewuauth.dll
2014-05-14 15:14:16 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-05-14 15:14:14 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\ubpm.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 15:14:12 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wups.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-05-14 15:14:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 15:14:03 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-05-14 15:14:03 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-05-14 15:14:02 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-05-14 15:14:01 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\SYSWOW64\mrt100.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\SYSWOW64\mrt_map.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\system32\mrt100.dll
2014-05-14 15:13:45 ----A---- C:\WINDOWS\system32\mrt_map.dll
2014-05-11 17:59:49 ----D---- C:\Program Files (x86)\Technitium
2014-05-05 08:54:06 ----D---- C:\Users\user\AppData\Roaming\VitySoft

======List of files/folders modified in the last 1 month======

2014-05-30 00:25:31 ----D---- C:\WINDOWS\Temp
2014-05-30 00:22:27 ----D---- C:\WINDOWS\Prefetch
2014-05-30 00:02:00 ----D---- C:\WINDOWS\system32\sru
2014-05-29 21:31:01 ----RD---- C:\WINDOWS\System32
2014-05-29 21:31:01 ----D---- C:\WINDOWS\Inf
2014-05-29 21:31:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-29 21:25:02 ----D---- C:\Windows
2014-05-29 21:22:34 ----D---- C:\WINDOWS\SysWOW64
2014-05-29 21:10:23 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-05-29 17:37:13 ----D---- C:\Users\user\AppData\Roaming\Skype
2014-05-29 15:39:57 ----D---- C:\WINDOWS\system32\FxsTmp
2014-05-29 10:57:30 ----D---- C:\WINDOWS\Microsoft.NET
2014-05-29 09:23:04 ----D---- C:\WINDOWS\system32\drivers\etc
2014-05-29 09:22:58 ----D---- C:\WINDOWS\AppReadiness
2014-05-29 09:04:06 ----RD---- C:\Program Files
2014-05-29 09:03:13 ----HD---- C:\Program Files\WindowsApps
2014-05-29 09:00:04 ----D---- C:\WINDOWS\system32\config
2014-05-28 18:05:05 ----HD---- C:\ProgramData
2014-05-28 18:04:59 ----D---- C:\WINDOWS\WinSxS
2014-05-28 18:03:59 ----D---- C:\WINDOWS\system32\drivers
2014-05-28 18:01:51 ----RD---- C:\WINDOWS\ToastData
2014-05-28 18:01:50 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\oobe
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\drivers\en-US
2014-05-28 18:01:50 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2014-05-28 18:01:47 ----D---- C:\WINDOWS\system32\DriverStore
2014-05-28 17:57:57 ----D---- C:\WINDOWS\CbsTemp
2014-05-28 17:48:53 ----D---- C:\WINDOWS\system32\catroot2
2014-05-28 14:13:27 ----SHD---- C:\WINDOWS\Installer
2014-05-28 14:13:27 ----SHD---- C:\Config.Msi
2014-05-28 14:13:17 ----SHD---- C:\System Volume Information
2014-05-28 13:11:33 ----RSD---- C:\WINDOWS\assembly
2014-05-28 09:28:33 ----D---- C:\WINDOWS\Logs
2014-05-27 16:43:39 ----D---- C:\WINDOWS\system32\Tasks
2014-05-27 16:43:32 ----SD---- C:\ProgramData\Microsoft
2014-05-27 16:42:52 ----RD---- C:\Program Files (x86)
2014-05-27 16:22:34 ----D---- C:\WINDOWS\system32\wdi
2014-05-27 16:19:46 ----D---- C:\WINDOWS\SoftwareDistribution
2014-05-27 13:15:11 ----D---- C:\Program Files (x86)\PDFCreator
2014-05-27 13:14:51 ----DC---- C:\WINDOWS\Panther
2014-05-27 13:14:51 ----D---- C:\WINDOWS\Minidump
2014-05-27 13:14:51 ----D---- C:\WINDOWS\debug
2014-05-27 11:39:40 ----D---- C:\Users\user\AppData\Roaming\Dropbox
2014-05-24 23:47:42 ----D---- C:\Users\user\AppData\Roaming\vlc
2014-05-24 16:00:42 ----RSD---- C:\WINDOWS\Fonts
2014-05-24 15:59:44 ----D---- C:\WINDOWS\system32\catroot
2014-05-18 14:36:26 ----D---- C:\WINDOWS\rescache
2014-05-17 12:28:09 ----D---- C:\ProgramData\Microsoft Help
2014-05-17 00:22:48 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2014-05-17 00:22:47 ----D---- C:\Program Files\Windows Defender
2014-05-17 00:22:47 ----D---- C:\Program Files (x86)\Windows Defender
2014-05-17 00:22:46 ----D---- C:\WINDOWS\WinStore
2014-05-17 00:22:46 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-05-17 00:22:46 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-05-17 00:22:46 ----D---- C:\WINDOWS\system32\cs-CZ
2014-05-17 00:22:45 ----D---- C:\WINDOWS\system32\en-US
2014-05-17 00:22:44 ----D---- C:\WINDOWS\apppatch
2014-05-15 09:28:06 ----D---- C:\WINDOWS\system32\MRT
2014-05-15 09:26:54 ----A---- C:\WINDOWS\system32\MRT.exe
2014-05-15 09:17:48 ----A---- C:\WINDOWS\win.ini
2014-05-09 17:45:50 ----D---- C:\WINDOWS\system32\NDF
2014-05-07 09:41:39 ----D---- C:\Users\user\AppData\Roaming\VMware

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2013-09-17 239296]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwr64v.sys [2014-03-07 20736]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2014-02-13 231376]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\drivers\hcmon.sys [2012-07-06 47768]
R3 CnxtHdAudService;@oem52.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2011-03-24 1576064]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]
R3 DNE;@oem29.inf,%DneMP_Desc%;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-30 5363200]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem20.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;@netwsw00.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwsw00.sys [2013-06-18 11518976]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2013-08-22 11776]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-04-24 460528]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 acsock;acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [2013-07-19 112080]
S3 androidusb;@oem24.inf,%SAMSUNG.Adb.SvcDesc%;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\WINDOWS\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 dc3d;@oem26.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys [2011-05-18 47616]
S3 FTDIBUS;@oem33.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2013-05-08 76648]
S3 FTSER2K;@oem34.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2013-05-08 85864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 RSPCIESTOR;@oem19.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2011-05-04 338536]
S3 RTL2832UBDA;@oem42.inf,%RTLUSBDEV.BDA_Desc%;REALTEK 2832U BDA Driver; C:\WINDOWS\system32\drivers\RTL2832UBDA.sys [2014-05-24 237968]
S3 RTL2832UUSB;@oem42.inf,%RTLUSBDEV.USB_Desc%;REALTEK 2832U USB Driver; C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys [2014-05-24 39056]
S3 ssadbus;@oem23.inf,%SAMSUNG.Service.Desc%;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\System32\drivers\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;@oem27.inf,%Samsung.Filter.Name%;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;@oem27.inf,%Samsung.Service.Name%;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;@oem28.inf,%Samsung.Service.Name%;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-22 33280]
S3 vpnva;@oem2.inf,%VPNVA64_Desc%;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64; C:\WINDOWS\system32\DRIVERS\vpnva64-6.sys [2013-07-19 52080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-02-13 43696]
R2 IBMPMSVC;@oem51.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2014-03-10 2085184]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-02 4972864]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-07-06 856728]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2013-07-19 557968]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-14 116648]
S2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2013-12-11 468288]
S3 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2014-03-04 573488]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-14 116648]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2014-03-04 512048]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2014-03-04 527920]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-03-04 702512]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2014-03-07 1669976]
S3 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-04-25 1738200]
S3 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-04-25 2081752]
S3 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-02-21 24120]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119541
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Network problems

#8 Post by Rudy »

Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

seten
Visitor
Posts: 30
Joined: 23 Mar 2009 14:00

Re: Network problems

#9 Post by seten »

Over the last few days I have not noticed any network outage like the ones at the beginning of the week. I have a slight feeling that pages load more slowly, but that is probably because of the deleted cache. From the logs and the procedures we carried out here, was there anything outright bad, some malware because of which I should, for example, consider changing my passwords?

Otherwise, thank you very much for the help.

S.

Rudy
Site Admin
Posts: 119541
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Network problems

#10 Post by Rudy »

There was adware and unnecessary junk; everything was deleted. One more thing: 7 GB of free disk space is enough for now, but the disk will fill up and the free space will shrink. If it drops below 5 GB, another cleanup will be needed. I would recommend moving some of your data (photos, documents, etc.) to other storage. You're welcome! :)

Locked