PC virus removal, computer speed-up, and remote help via the neslape.cz service

Preventive check

maximix
Exemplary visitor
Posts: 201
Registered: 15 Sep 2006 17:22

#1 Post by maximix »

Hello friends.. lately it seems to me that my PC is slow.. 720p videos on YouTube stutter, while earlier even 1020p played smoothly... in general everything takes a long time to load....

Log from RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Mefistos at 2013-11-13 22:10:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 12 GB (21%) free of 60 GB
Total RAM: 6050 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:10:52, on 13.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Users\Mefistos\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Mefistos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.us.com/v/2/?guid={DB6A0DF ... }&serpv=17
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.us.com/v/2/?guid={DB6A0DF ... }&serpv=17
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Mefistos\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --apps-new-install-bubble --disable-restore-session-state --enable-autologin --enable-download-resumption --enable-google-now-integration --enable-rich-notifications --enable-sync-synced-notifications --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: cardisabled
O4 - Startup: Dropbox.lnk = Mefistos\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: cardisabled
O4 - Global Startup: wubi.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Program Files (x86)\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - D:\Program Files (x86)\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 12491 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Sandboxie\SbieSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 3486832
\??\C:\Windows\system32\conhost.exe "-168110600616864306871209971778-1680127276-722885048-97367740714294210531561242964
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
"C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"D:\Program Files (x86)\vmware-authd.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"D:\Program Files (x86)\vmware-hostd.exe" -u "C:\ProgramData\VMware\hostd\config.xml"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe"
"C:\ProgramData\DatacardService\DCSHelper.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Dell\QuickSet\quickset.exe"
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe" /startup
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE" C:\Users\Mefistos
"C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE"
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\Mefistos\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "-1204652870-1655441092-1679139995-5714708502021141137766691049-1654196421721062646
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskeng.exe {B762687A-5FE3-4EAE-AC08-5B66FAB749E2}
"C:\Program Files\My Dell\uaclauncher.exe" -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4cf8c257-7bed-45e9-afbc-98d8c2a1924b -SystemEventPortName:HostProcess-758aba09-4a6d-4bf4-93c4-7be744e1d528 -IoCancelEventPortName:HostProcess-7fd69e55-83f0-4307-aadd-a77042dfcee7 -NonStateChangingEventPortName:HostProcess-b0fc7c20-e929-479a-8d90-00b833aa9dbf -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cf6e4c13-f432-4326-b14f-270823301b50 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files\Sublime Text 3\sublime_text.exe"
"/C/Program Files/Sublime Text 3/plugin_host.exe" "5868"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3792.0.242827912\1357972028" --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,5,13,23 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2843 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --instant-process --disable-html-notifications --enable-software-compositing --channel="3792.1.1819514100\1789911614" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3792.2.838678364\1480945052" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3792.4.1641312639\2081959167" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3792.6.1676098476\37643985" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3792.8.2087237146\1850826941" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3792.10.1004450921\1907528845" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3792.14.96026909\961021904" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3792.15.401312692\285505659" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3792.16.735173603\1975902608" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3792.17.1155572222\362566150" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3792.18.1236813327\1006201751" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3792.19.1943889304\1477628572" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3792.20.1732601225\1030750903" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3792.22.1847089748\1294293867" --ppapi-flash-args --lang=en-US --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3792.23.1100123163\1852794395" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AsyncDns/SystemDnsA/AutocompleteDynamicTrial_2/EnableZeroSuggest_R4_Beta_UrlsOnly/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/Deferred/EmbeddedSearch/Group3 beta:r1 espv:210 hide_verbatim:1 use_remote_ntp_on_startup:1 suppress_on_srp:1/InfiniteCache/No/ManagedModeLaunch/Active/MouseEventPreconnect/MouseDown/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/id=1:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3792.27.343739738\187668160" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 812 816 824 65536 820
"C:\Users\Mefistos\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DLL-Files.Com Fixer_MONTHLY.job
C:\Windows\tasks\DLL-Files.Com Fixer_Updates.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4014770085-942429989-1528240531-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4014770085-942429989-1528240531-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-09-02 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2010-12-20 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-09-02 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-03-15 178960]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2012-03-27 11407120]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-15 171064]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-11-15 399416]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-11-15 441912]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-09-08 1424896]
"QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2011-03-24 3668336]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-04-12 609144]
"IntelMyWiFiDashboard"=C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [2012-10-19 5004592]
"IntelPROSet"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2013-07-17 4791024]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 1356240]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-11-11 1612504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Mefistos\AppData\Roaming\uTorrent\uTorrent.exe [2013-11-02 1035608]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2013-10-16 759496]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2013-11-13 868816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2013-07-20 2010624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray.exe]
D:\Program Files (x86)\vmware-tray.exe [2013-10-18 111696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
cardisabled
wubi.exe

C:\Users\Mefistos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
cardisabled
Dropbox.lnk - C:\Users\Mefistos\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-15 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-13 22:10:28 ----D---- C:\Program Files\trend micro
2013-11-13 22:10:27 ----D---- C:\rsit
2013-11-12 04:25:35 ----A---- C:\Windows\SYSWOW64\vsocklib.dll
2013-11-12 04:25:35 ----A---- C:\Windows\system32\vsocklib.dll
2013-11-12 04:25:34 ----A---- C:\Windows\system32\drivers\vsock.sys
2013-11-12 04:25:29 ----A---- C:\Windows\system32\drivers\vmx86.sys
2013-11-12 04:24:44 ----A---- C:\Windows\SYSWOW64\vmnetdhcp.exe
2013-11-12 04:24:38 ----A---- C:\Windows\SYSWOW64\vmnat.exe
2013-11-12 04:24:37 ----A---- C:\Windows\system32\drivers\vmnetuserif.sys
2013-11-12 04:24:29 ----A---- C:\Windows\system32\vnetlib64.dll
2013-11-12 04:24:07 ----A---- C:\Windows\system32\drivers\hcmon.sys
2013-11-12 04:23:49 ----D---- C:\Program Files\Common Files\VMware
2013-11-12 04:22:35 ----D---- C:\Program Files (x86)\VMware
2013-11-12 03:46:19 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2013-11-12 03:46:07 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2013-11-10 20:42:47 ----D---- C:\Users\Mefistos\AppData\Roaming\Sublime Text 3
2013-11-10 20:40:44 ----D---- C:\Program Files\Sublime Text 3
2013-11-09 21:07:20 ----D---- C:\Users\Mefistos\AppData\Roaming\DMCache
2013-11-09 21:07:20 ----D---- C:\ProgramData\IDM
2013-11-09 19:46:01 ----D---- C:\Users\Mefistos\AppData\Roaming\Notepad++
2013-11-09 19:46:01 ----D---- C:\Program Files (x86)\Notepad++
2013-11-09 13:38:11 ----A---- C:\Windows\SYSWOW64\nnr.dll
2013-11-09 13:38:11 ----A---- C:\Windows\SYSWOW64\INETWH32.DLL
2013-11-09 13:38:10 ----A---- C:\Windows\SYSWOW64\ROBOEX32.DLL
2013-11-09 13:36:35 ----D---- C:\Program Files (x86)\NetObjects
2013-11-05 14:12:09 ----D---- C:\Program Files (x86)\DsNET Corp
2013-11-05 14:04:13 ----D---- C:\Program Files (x86)\GreenTree Applications
2013-11-04 01:48:28 ----D---- C:\Users\Mefistos\AppData\Roaming\BitTorrent
2013-11-04 01:32:58 ----RD---- C:\Sandbox
2013-11-04 01:31:33 ----A---- C:\Windows\Sandboxie.ini
2013-11-04 01:31:24 ----D---- C:\Program Files\Sandboxie
2013-11-02 22:58:24 ----SD---- C:\ProgramData\Shared Space
2013-11-02 22:57:16 ----A---- C:\Windows\system32\certsentry.dll
2013-11-02 22:56:59 ----D---- C:\ProgramData\Comodo Downloader
2013-11-02 22:52:22 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-11-02 22:52:19 ----D---- C:\Program Files\Microsoft Security Client
2013-11-01 15:10:16 ----A---- C:\Windows\system32\drivers\VBoxNetAdp.sys
2013-11-01 15:07:00 ----N---- C:\Windows\system32\VBoxNetFltNobj.dll
2013-10-30 21:39:18 ----D---- C:\Users\Mefistos\AppData\Roaming\Dropbox
2013-10-28 17:23:34 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2013-10-28 12:00:29 ----D---- C:\Users\Mefistos\AppData\Roaming\Comodo
2013-10-28 11:47:09 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2013-10-28 11:47:09 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2013-10-28 11:47:09 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2013-10-28 11:38:18 ----D---- C:\Program Files\AdTrustMedia
2013-10-28 11:38:18 ----D---- C:\Program Files (x86)\AdTrustMedia
2013-10-28 11:38:17 ----D---- C:\ProgramData\Adtrustmedia
2013-10-28 11:38:08 ----D---- C:\ProgramData\COMODO
2013-10-28 11:37:59 ----D---- C:\Program Files\COMODO
2013-10-28 11:37:35 ----D---- C:\Program Files (x86)\Comodo
2013-10-28 11:18:01 ----D---- C:\ProgramData\PC-Doctor for Windows
2013-10-28 11:17:34 ----D---- C:\Program Files\My Dell
2013-10-27 22:48:56 ----D---- C:\Program Files\iPod
2013-10-27 22:48:55 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-27 22:48:55 ----D---- C:\Program Files\iTunes
2013-10-27 22:48:55 ----D---- C:\Program Files (x86)\iTunes
2013-10-26 22:53:03 ----A---- C:\Windows\tweaking.com-regbackup-MEFISTOS-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2013-10-26 22:52:34 ----D---- C:\RegBackup
2013-10-26 22:29:26 ----D---- C:\AdwCleaner
2013-10-26 21:59:08 ----D---- C:\Users\Mefistos\AppData\Roaming\Malwarebytes
2013-10-26 21:58:42 ----D---- C:\ProgramData\Malwarebytes
2013-10-26 21:58:41 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-26 21:58:41 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-10-26 21:26:43 ----D---- C:\Windows\ERUNT
2013-10-26 19:34:26 ----A---- C:\Windows\SYSWOW64\msvbvm50.dll
2013-10-26 19:34:00 ----D---- C:\Users\Mefistos\AppData\Roaming\dll-files.com
2013-10-26 19:33:54 ----D---- C:\ProgramData\Logs
2013-10-26 19:17:45 ----D---- C:\Program Files (x86)\PS3 Game Updates
2013-10-22 14:45:42 ----D---- C:\Users\Mefistos\AppData\Roaming\JAM Software
2013-10-22 14:45:39 ----D---- C:\Program Files (x86)\JAM Software
2013-10-22 14:25:41 ----AD---- C:\Windows\SYSWOW64\PS3_UPDATE
2013-10-22 14:23:08 ----AD---- C:\Windows\SYSWOW64\PS3_GAME
2013-10-18 12:44:58 ----A---- C:\Windows\system32\vnetinst.dll
2013-10-18 12:44:58 ----A---- C:\Windows\system32\vmnetbridge.dll
2013-10-18 12:44:58 ----A---- C:\Windows\system32\drivers\vmnetbridge.sys
2013-10-18 12:44:58 ----A---- C:\Windows\system32\drivers\vmnetadapter.sys
2013-10-18 12:44:58 ----A---- C:\Windows\system32\drivers\vmnet.sys

======List of files/folders modified in the last 1 month======

2013-11-13 22:10:28 ----RD---- C:\Program Files
2013-11-13 22:10:03 ----D---- C:\Users\Mefistos\AppData\Roaming\uTorrent
2013-11-13 22:09:51 ----D---- C:\Windows\Temp
2013-11-13 22:07:00 ----D---- C:\Users\Mefistos\AppData\Roaming\Skype
2013-11-13 21:49:20 ----D---- C:\Windows\system32\config
2013-11-13 21:32:56 ----SHD---- C:\System Volume Information
2013-11-13 21:27:51 ----D---- C:\Windows\System32
2013-11-13 21:27:51 ----D---- C:\Windows\inf
2013-11-13 21:27:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-12 20:08:45 ----D---- C:\Users\Mefistos\AppData\Roaming\vlc
2013-11-12 18:08:50 ----D---- C:\Windows\system32\drivers
2013-11-12 17:44:15 ----HD---- C:\Windows\system32\WLANProfiles
2013-11-12 17:44:14 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup
2013-11-12 17:43:38 ----D---- C:\ProgramData\VMware
2013-11-12 17:39:02 ----A---- C:\Users\Mefistos\AppData\Roaming\Network Meter_Usage.ini
2013-11-12 16:13:59 ----D---- C:\Windows\system32\Tasks
2013-11-12 16:11:11 ----SHD---- C:\Windows\Installer
2013-11-12 11:30:20 ----RD---- C:\Program Files (x86)
2013-11-12 11:06:39 ----D---- C:\dell
2013-11-12 10:48:47 ----D---- C:\Windows\system32\DriverStore
2013-11-12 10:48:47 ----D---- C:\Windows\system32\catroot
2013-11-12 10:48:19 ----SHD---- C:\Config.Msi
2013-11-12 10:47:31 ----D---- C:\Windows\system32\catroot2
2013-11-12 10:46:59 ----AD---- C:\Windows\SysWOW64
2013-11-12 10:35:07 ----D---- C:\Windows
2013-11-12 04:34:04 ----D---- C:\Users\Mefistos\AppData\Roaming\VMware
2013-11-12 04:23:53 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-11-12 04:23:49 ----D---- C:\Program Files\Common Files
2013-11-12 04:23:39 ----D---- C:\Windows\SYSWOW64\drivers
2013-11-12 04:22:35 ----D---- C:\Program Files (x86)\Common Files
2013-11-12 04:20:51 ----DC---- C:\Windows\system32\DRVSTORE
2013-11-09 21:07:20 ----HD---- C:\ProgramData
2013-11-09 13:36:35 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-11-09 12:02:58 ----D---- C:\$RECYCLE.BIN
2013-11-03 00:42:00 ----D---- C:\Windows\Resources
2013-11-02 23:24:00 ----D---- C:\Program Files\CCleaner
2013-11-02 22:52:29 ----D---- C:\Windows\Prefetch
2013-11-02 22:52:13 ----SD---- C:\Users\Mefistos\AppData\Roaming\Microsoft
2013-11-01 23:27:41 ----A---- C:\bdlog.txt
2013-10-30 20:47:44 ----D---- C:\Windows\system32\drivers\etc
2013-10-30 15:27:46 ----D---- C:\Windows\Microsoft.NET
2013-10-30 15:27:34 ----D---- C:\Program Files (x86)\KeePass Password Safe 2
2013-10-30 15:27:18 ----D---- C:\Users\Mefistos\AppData\Roaming\KeePass
2013-10-28 19:17:02 ----D---- C:\ProgramData\Skype
2013-10-28 19:17:00 ----RD---- C:\Program Files (x86)\Skype
2013-10-28 17:23:34 ----D---- C:\Program Files (x86)\Intel
2013-10-28 11:18:16 ----D---- C:\ProgramData\PCDr
2013-10-28 11:18:00 ----D---- C:\Program Files\Dell Support Center
2013-10-26 19:50:22 ----D---- C:\Windows\Tasks
2013-10-22 12:12:33 ----D---- C:\Windows\debug
2013-10-14 00:19:45 ----D---- C:\Windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2013-10-08 85584]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2013-10-08 73296]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2013-09-24 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2013-09-24 709144]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2013-09-24 48872]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2013-09-24 96800]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2013-10-09 53816]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2013-10-18 46160]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2013-10-18 30800]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2013-10-18 64080]
R2 vstor2-mntapi20-shared;Vstor2 MntApi 2.0 Driver (shared); C:\Windows\SysWOW64\drivers\vstor2-mntapi20-shared.sys [2013-02-22 33872]
R3 AMPPAL;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2013-05-21 164832]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-05-13 363856]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2012-02-13 95232]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2012-02-13 747008]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-29 283200]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-01-30 86016]
R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2012-03-21 60928]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-11-15 9000256]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-20 342528]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2013-05-29 11524096]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2013-02-07 18456]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2013-10-16 200552]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2013-07-21 34032]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-09-08 535040]
R3 tihub3;TI USB3 Hub Service; C:\Windows\system32\DRIVERS\tihub3.sys [2011-07-20 136000]
R3 tixhci;TI XHCI Service; C:\Windows\system32\DRIVERS\tixhci.sys [2011-07-20 406336]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2013-10-18 20560]
S3 AMPPALP;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2013-05-21 164832]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ewusbmbb;HUAWEI USB-WWAN miniport; C:\Windows\system32\DRIVERS\ewusbwwan.sys [2011-05-31 415744]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-07-21 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-07-21 27760]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-02-25 98816]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2011-01-30 69632]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2011-01-30 28672]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2011-05-03 222464]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-11-01 140560]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-05-21 772064]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-03-27 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-03-27 1104208]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-10-20 6254152]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-07-17 626416]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 23808]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-07-17 149744]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2013-10-16 186056]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-02-07 1223704]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-02-07 660504]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-02-16 1695040]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-09-08 305152]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-08-07 4308320]
R2 VMAuthdService;VMware Authorization Service; D:\Program Files (x86)\vmware-authd.exe [2013-10-18 86096]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2013-10-18 358480]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2013-10-09 905272]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2013-10-18 437328]
R2 VMwareHostd;VMware Workstation Server; D:\Program Files (x86)\vmware-hostd.exe [2013-10-18 14405200]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-03-27 1304912]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-08-12 366600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-15 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 164056]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-11-15 277048]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-15 116648]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-10-23 641352]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-07-17 273136]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-20 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]

-----------------EOF-----------------


Re: preventive check-up

#2 Post by maximix »

And because I had time, I ran an MBAM scan... in case anyone happens to want it (I didn't delete that one item :P )

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.11.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Mefistos :: MEFISTOS-PC [administrator]

Protection: Disabled

13.11.2013 22:30:07
MBAM-log-2013-11-14 (02-15-20).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 400974
Time elapsed: 2 hour(s), 46 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Mefistos\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> No action taken.

(end)

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: preventive check-up

#3 Post by Roli »

Hello, have MBAM delete what it found.


Delete unneeded files

using CCleaner

instructions:

Cleaner - here you clean unneeded files off the PC and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download AdwCleaner and save it to the desktop,

close all programs including the browser and double-click to run it,

a window appears; click Scan at the top left.

The scan then runs; when it finishes, click Report and copy whatever comes up here for me.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:


Re: preventive check-up

#4 Post by maximix »

Here it is:

# AdwCleaner v3.012 - Report created 14/11/2013 at 19:14:57
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Mefistos - MEFISTOS-PC
# Running from : C:\Users\Mefistos\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\ProgramData\apn

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Google Chrome v32.0.1700.14

[ File : C:\Users\Mefistos\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage

*************************

AdwCleaner[R4].txt - [1048 octets] - [14/11/2013 19:14:57]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1288 octets] ##########


Re: preventive check-up

#5 Post by Roli »

Run AdwCleaner again, but this time click Clean;

the PC will restart, and the junk will be deleted during that.

Then copy the Report here for me again.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

A window with the license terms then appears, which you confirm by clicking YES,

then click YES once more and it starts running.

The whole thing takes about 10 minutes but can take longer; do not try to run anything else during the scan.

The PC may also be restarted during the scan; don't be alarmed.

Notice: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs can get in its way.

After the scan finishes or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.


Re: preventive check-up

#6 Post by maximix »

I deleted the AdwCleaner log by mistake :D but in short, it managed to remove what it found :)... here is ComboFix:

ComboFix 13-11-15.01 - Mefistos 15.11.2013 16:49:08.1.2 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.6050.4840 [GMT 0:00]
Spuštěný z: c:\users\Mefistos\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1363834679.bdinstall.bin
c:\programdata\1382967260.bdinstall.bin
c:\programdata\1382968429.bdinstall.bin
c:\programdata\1382968715.bdinstall.bin
c:\programdata\PCDr\6308\AddOnDownloaded\073fb38f-0e69-479d-bca1-4f81ec9dcbf6.dll
c:\programdata\PCDr\6308\AddOnDownloaded\0779eca6-695c-444d-8ef3-6621f5a112ee.dll
c:\programdata\PCDr\6308\AddOnDownloaded\0d06f79c-d0e6-4610-9a2b-d8f1a48f4252.dll
c:\programdata\PCDr\6308\AddOnDownloaded\244ec244-34e7-4b04-85aa-c16ea08f2533.dll
c:\programdata\PCDr\6308\AddOnDownloaded\2a6b5d0b-a2fc-4bdd-b3fe-6bbefb85b7e4.dll
c:\programdata\PCDr\6308\AddOnDownloaded\2c784c13-702f-431e-a492-e9dddd757b25.dll
c:\programdata\PCDr\6308\AddOnDownloaded\2eccd5d6-e118-4f76-97b6-ba56fb6c597a.dll
c:\programdata\PCDr\6308\AddOnDownloaded\394b144a-f70e-44ff-a1ce-7fed69d15b12.dll
c:\programdata\PCDr\6308\AddOnDownloaded\3cb2cbfc-72a8-4ae7-9061-1a58b1505327.dll
c:\programdata\PCDr\6308\AddOnDownloaded\3cc3b539-b998-4728-8055-1201221a38d4.dll
c:\programdata\PCDr\6308\AddOnDownloaded\3df85ce4-1732-4e9b-9fee-111cf95d7191.dll
c:\programdata\PCDr\6308\AddOnDownloaded\50441041-9037-4c34-842c-4a8523e700da.dll
c:\programdata\PCDr\6308\AddOnDownloaded\5c103ca5-8249-401b-a699-41d0a39023f4.dll
c:\programdata\PCDr\6308\AddOnDownloaded\5ec8c7eb-8ac7-4252-bb47-87f22e27e4a9.dll
c:\programdata\PCDr\6308\AddOnDownloaded\646d4422-eb1f-4e32-8b16-f32fc711fbc0.dll
c:\programdata\PCDr\6308\AddOnDownloaded\66858fdf-b35c-4b24-a074-915d56b3871b.dll
c:\programdata\PCDr\6308\AddOnDownloaded\704dfeb5-9129-4d88-8096-7f3bc80eb1ec.dll
c:\programdata\PCDr\6308\AddOnDownloaded\7ec00d71-b236-42d5-b7d2-aab97a4a1f3d.dll
c:\programdata\PCDr\6308\AddOnDownloaded\8d529c31-eeb1-4b4d-ab7e-98a38b1abf60.dll
c:\programdata\PCDr\6308\AddOnDownloaded\8fab1a01-d6b6-4640-ac86-c3ddd583c840.dll
c:\programdata\PCDr\6308\AddOnDownloaded\9d97f346-8efc-4e33-9c3b-3eef6c324e61.dll
c:\programdata\PCDr\6308\AddOnDownloaded\9e7391aa-d9c2-4547-bdb7-737a833083a2.dll
c:\programdata\PCDr\6308\AddOnDownloaded\a7c185b3-39a9-4aaf-9506-7726c68d6350.dll
c:\programdata\PCDr\6308\AddOnDownloaded\aa7c4756-0f94-474f-8589-eb1b0e71c93b.dll
c:\programdata\PCDr\6308\AddOnDownloaded\ad245130-e9e2-4a7e-8912-a540560daf66.dll
c:\programdata\PCDr\6308\AddOnDownloaded\b96b7bbd-964e-47f1-9323-f48f460042bf.dll
c:\programdata\PCDr\6308\AddOnDownloaded\b99be28c-ffd7-4136-9706-38ff86c43537.dll
c:\programdata\PCDr\6308\AddOnDownloaded\c0c54ea3-e58e-438a-9c4c-778b0979180a.dll
c:\programdata\PCDr\6308\AddOnDownloaded\c4f346c1-09ef-4c0a-846d-8ca41f94690b.dll
c:\programdata\PCDr\6308\AddOnDownloaded\cadaa395-f50b-45c6-81f6-b5aaa3c5efba.dll
c:\programdata\PCDr\6308\AddOnDownloaded\dde43788-ba3c-4b88-bc8a-de8a0eb22c79.dll
c:\programdata\PCDr\6308\AddOnDownloaded\e13c218f-cd37-454b-a187-3381a9945752.dll
c:\programdata\PCDr\6308\AddOnDownloaded\f12de547-df4d-4236-9129-baac054f90ab.dll
c:\programdata\PCDr\6308\AddOnDownloaded\f39d056b-fbf9-40c5-806d-7d93eacdc251.dll
c:\programdata\PCDr\6308\AddOnDownloaded\f586fa98-17b8-498c-9c59-24de5750efab.dll
c:\programdata\PCDr\6308\AddOnDownloaded\f73e8868-a1f5-4756-9eae-b4ffc305f35a.dll
c:\programdata\PCDr\6308\AddOnDownloaded\f80f957a-a781-4825-977a-a4ab79468916.dll
c:\programdata\PCDr\6308\AddOnDownloaded\fc470dbb-846d-42d3-bb0a-6363a559f3fb.dll
c:\programdata\Roaming
c:\windows\RPSETUP.EXE.LOG
c:\windows\SysWow64\AdbWinApi.dll
c:\windows\SysWow64\AdbWinUsbApi.dll
c:\windows\SysWow64\FlashPlayerApp.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-15 do 2013-11-15 )))))))))))))))))))))))))))))))
.
.
2013-11-15 16:55 . 2013-11-15 16:55 -------- d-----w- c:\users\test\AppData\Local\temp
2013-11-15 16:55 . 2013-11-15 16:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-15 16:20 . 2013-11-15 16:20 -------- d-----w- c:\users\Mefistos\AppData\Roaming\Avira
2013-11-15 16:14 . 2013-10-31 19:25 83160 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-11-15 16:14 . 2013-10-31 19:25 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-11-15 16:14 . 2013-10-31 19:25 132600 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-11-15 16:14 . 2013-10-31 19:25 106904 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-11-15 16:14 . 2013-11-15 16:14 -------- d-----w- c:\programdata\Avira
2013-11-15 15:53 . 2013-10-14 18:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-11-15 15:47 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2013-11-15 15:45 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2013-11-15 15:45 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2013-11-15 02:05 . 2013-11-15 15:37 -------- d-----w- c:\program files (x86)\PdaNet for Android
2013-11-14 22:05 . 2013-07-05 01:26 815104 ----a-w- c:\windows\SysWow64\adb.exe
2013-11-14 22:05 . 2013-07-05 01:26 157184 ----a-w- c:\windows\SysWow64\fastboot.exe
2013-11-14 22:01 . 2013-07-05 01:26 157184 ----a-w- c:\windows\system32\fastboot.exe
2013-11-14 22:01 . 2013-02-12 13:08 815104 ----a-w- c:\windows\system32\adb.exe
2013-11-14 22:01 . 2013-02-12 13:08 60928 ----a-w- c:\windows\system32\AdbWinUsbApi.dll
2013-11-14 22:01 . 2013-02-12 13:08 96256 ----a-w- c:\windows\system32\AdbWinApi.dll
2013-11-14 20:00 . 2013-11-14 20:01 -------- d-----w- c:\program files (x86)\SpeedFan
2013-11-14 19:35 . 2013-11-14 19:35 -------- d-----w- c:\programdata\Oracle
2013-11-14 19:35 . 2013-11-14 19:35 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-11-14 19:35 . 2013-10-08 07:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-14 19:24 . 2013-11-14 19:24 -------- d-----w- c:\users\Mefistos\AppData\Roaming\VSRevoGroup
2013-11-14 19:22 . 2013-11-14 19:26 -------- d-----w- c:\programdata\HitmanPro
2013-11-14 02:58 . 2013-11-14 02:58 -------- d-----w- c:\users\Mefistos\aTubeCatcher
2013-11-14 01:00 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-14 01:00 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-11-14 01:00 . 2013-09-28 01:09 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-11-14 01:00 . 2013-10-03 02:23 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-11-14 01:00 . 2013-10-03 02:00 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-11-13 22:10 . 2013-11-13 22:10 -------- d-----w- c:\program files\trend micro
2013-11-13 22:10 . 2013-11-13 22:11 -------- d-----w- C:\rsit
2013-11-12 04:25 . 2013-10-08 18:21 67664 ----a-w- c:\windows\system32\vsocklib.dll
2013-11-12 04:25 . 2013-10-08 18:21 63568 ----a-w- c:\windows\SysWow64\vsocklib.dll
2013-11-12 04:25 . 2013-10-08 18:21 73296 ----a-w- c:\windows\system32\drivers\vsock.sys
2013-11-12 04:25 . 2013-10-18 12:46 64080 ----a-w- c:\windows\system32\drivers\vmx86.sys
2013-11-12 04:24 . 2013-10-18 12:45 358480 ----a-w- c:\windows\SysWow64\vmnetdhcp.exe
2013-11-12 04:24 . 2013-10-18 12:45 437328 ----a-w- c:\windows\SysWow64\vmnat.exe
2013-11-12 04:24 . 2013-10-18 12:45 30800 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
2013-11-12 04:24 . 2013-10-18 12:45 930384 ----a-w- c:\windows\system32\vnetlib64.dll
2013-11-12 04:24 . 2013-10-09 08:04 53816 ----a-w- c:\windows\system32\drivers\hcmon.sys
2013-11-12 04:23 . 2013-11-12 04:23 -------- d-----w- c:\program files\Common Files\VMware
2013-11-12 04:22 . 2013-11-12 04:22 -------- d-----w- c:\program files (x86)\VMware
2013-11-12 04:22 . 2013-11-12 04:22 -------- d-----w- c:\program files (x86)\Common Files\VMware
2013-11-12 03:48 . 2013-11-12 03:57 -------- d-----w- c:\users\Mefistos\VirtualBox VMs
2013-11-12 03:47 . 2013-11-12 04:16 -------- d-----w- c:\users\Mefistos\.VirtualBox
2013-11-12 03:46 . 2013-11-01 15:13 252688 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2013-11-12 03:46 . 2013-11-01 15:10 126736 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2013-11-10 20:42 . 2013-11-12 10:31 -------- d-----w- c:\users\Mefistos\AppData\Local\Sublime Text 3
2013-11-10 20:42 . 2013-11-10 20:42 -------- d-----w- c:\users\Mefistos\AppData\Roaming\Sublime Text 3
2013-11-10 20:40 . 2013-11-13 23:26 -------- d-----w- c:\program files\Sublime Text 3
2013-11-09 21:07 . 2013-11-12 18:08 -------- d-----w- c:\users\Mefistos\AppData\Roaming\DMCache
2013-11-09 21:07 . 2013-11-09 21:07 -------- d-----w- c:\programdata\IDM
2013-11-09 19:46 . 2013-11-12 04:28 -------- d-----w- c:\users\Mefistos\AppData\Roaming\Notepad++
2013-11-09 19:46 . 2013-11-12 04:28 -------- d-----w- c:\program files (x86)\Notepad++
2013-11-09 13:38 . 2006-11-28 14:27 49152 ----a-w- c:\windows\SysWow64\INETWH32.DLL
2013-11-09 13:38 . 2006-11-28 14:27 28672 ----a-w- c:\windows\SysWow64\nnr.dll
2013-11-09 13:38 . 2006-11-28 14:27 1056768 ----a-w- c:\windows\SysWow64\ROBOEX32.DLL
2013-11-09 13:36 . 2013-11-09 13:36 -------- d-----w- c:\program files (x86)\NetObjects
2013-11-09 13:33 . 2013-11-09 13:33 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2013-11-05 14:12 . 2013-11-14 02:17 -------- d-----w- c:\program files (x86)\DsNET Corp
2013-11-05 14:06 . 2013-11-05 14:06 -------- d-----w- c:\users\Mefistos\New folder
2013-11-05 14:06 . 2013-11-05 14:06 -------- d-----w- c:\users\Mefistos\ytvidea
2013-11-05 14:04 . 2013-11-05 14:04 -------- d-----w- c:\program files (x86)\GreenTree Applications
2013-11-04 01:48 . 2013-11-04 01:51 -------- d-----w- c:\users\Mefistos\AppData\Roaming\BitTorrent
2013-11-04 01:32 . 2013-11-04 01:32 -------- d-----r- C:\Sandbox
2013-11-04 01:31 . 2013-11-04 01:31 -------- d-----w- c:\program files\Sandboxie
2013-11-02 22:58 . 2013-11-02 23:00 -------- d-s---w- c:\programdata\Shared Space
2013-11-02 22:57 . 2013-11-02 23:29 -------- d-----w- c:\users\Mefistos\AppData\Local\Comodo
2013-11-02 22:57 . 2013-11-02 22:57 57096 ----a-w- c:\windows\system32\certsentry.dll
2013-11-02 22:56 . 2013-11-02 22:56 -------- d-----w- c:\programdata\Comodo Downloader
2013-11-01 15:10 . 2013-11-01 15:10 140560 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2013-11-01 15:07 . 2013-11-01 15:07 204048 ------w- c:\windows\system32\VBoxNetFltNobj.dll
2013-10-30 21:43 . 2013-11-15 16:20 -------- d-----r- c:\users\Mefistos\Dropbox
2013-10-30 21:39 . 2013-11-15 16:09 -------- d-----w- c:\users\Mefistos\AppData\Roaming\Dropbox
2013-10-28 17:23 . 2010-12-15 16:10 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2013-10-28 14:03 . 2013-08-13 13:38 3271472 ---ha-w- C:\bdr-bz02
2013-10-28 12:00 . 2013-11-15 02:06 -------- d-----w- c:\users\Mefistos\AppData\Roaming\Comodo
2013-10-28 11:47 . 2013-10-28 11:47 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2013-10-28 11:47 . 2013-10-28 11:47 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2013-10-28 11:47 . 2013-10-28 11:47 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2013-10-28 11:38 . 2013-10-28 11:38 -------- d-----w- c:\program files\AdTrustMedia
2013-10-28 11:38 . 2013-10-28 11:38 -------- d-----w- c:\program files (x86)\AdTrustMedia
2013-10-28 11:38 . 2013-10-28 11:38 -------- d-----w- c:\programdata\Adtrustmedia
2013-10-28 11:38 . 2013-11-04 00:34 -------- d-----w- c:\programdata\COMODO
2013-10-28 11:37 . 2013-11-02 22:57 -------- d-----w- c:\program files\COMODO
2013-10-28 11:37 . 2013-11-02 23:29 -------- d-----w- c:\program files (x86)\Comodo
2013-10-28 11:18 . 2013-10-28 11:18 -------- d-----w- c:\programdata\PC-Doctor for Windows
2013-10-28 11:17 . 2013-10-28 11:18 -------- d-----w- c:\program files\My Dell
2013-10-27 22:48 . 2013-10-27 22:48 -------- d-----w- c:\program files\iPod
2013-10-27 22:48 . 2013-10-27 22:50 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-27 22:48 . 2013-10-27 22:50 -------- d-----w- c:\program files\iTunes
2013-10-27 22:48 . 2013-10-27 22:50 -------- d-----w- c:\program files (x86)\iTunes
2013-10-26 22:52 . 2013-10-26 22:52 -------- d-----w- C:\RegBackup
2013-10-26 22:33 . 2013-10-26 22:33 -------- d-----w- c:\users\Mefistos\AppData\Local\VirtualStore
2013-10-26 22:29 . 2013-11-14 19:15 -------- d-----w- C:\AdwCleaner
2013-10-26 21:59 . 2013-10-26 21:59 -------- d-----w- c:\users\Mefistos\AppData\Roaming\Malwarebytes
2013-10-26 21:58 . 2013-10-26 21:58 -------- d-----w- c:\programdata\Malwarebytes
2013-10-26 21:26 . 2013-10-26 21:26 -------- d-----w- c:\windows\ERUNT
2013-10-26 19:34 . 2013-10-26 19:35 1355776 ----a-w- c:\windows\SysWow64\msvbvm50.dll
2013-10-26 19:34 . 2013-10-26 19:34 -------- d-----w- c:\users\Mefistos\AppData\Roaming\dll-files.com
2013-10-26 19:33 . 2013-10-26 19:33 -------- d-----w- c:\programdata\Logs
2013-10-26 19:17 . 2013-10-26 19:36 -------- d-----w- c:\program files (x86)\PS3 Game Updates
2013-10-22 14:45 . 2013-10-22 14:45 -------- d-----w- c:\users\Mefistos\AppData\Roaming\JAM Software
2013-10-22 14:45 . 2013-10-22 14:45 -------- d-----w- c:\program files (x86)\JAM Software
2013-10-22 14:25 . 2013-10-22 14:25 -------- d---a-w- c:\windows\SysWow64\PS3_UPDATE
2013-10-22 14:23 . 2013-10-22 14:23 -------- d---a-w- c:\windows\SysWow64\PS3_GAME
2013-10-18 12:44 . 2013-10-18 12:44 80464 ----a-w- c:\windows\system32\vmnetbridge.dll
2013-10-18 12:44 . 2013-10-18 12:44 49232 ----a-w- c:\windows\system32\vnetinst.dll
2013-10-18 12:44 . 2013-10-18 12:44 46160 ----a-w- c:\windows\system32\drivers\vmnetbridge.sys
2013-10-18 12:44 . 2013-10-18 12:44 24656 ----a-w- c:\windows\system32\drivers\vmnet.sys
2013-10-18 12:44 . 2013-10-18 12:44 20560 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-14 20:00 . 2013-03-20 06:00 20562 ----a-w- c:\users\Mefistos\Network_Meter_Data.js
2013-11-14 19:37 . 2013-03-19 07:56 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-14 03:07 . 2013-03-19 19:19 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-10-08 18:21 . 2013-10-08 18:21 85584 ----a-w- c:\windows\system32\drivers\vmci.sys
2013-09-25 02:22 . 2013-11-14 00:59 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:57 . 2013-11-14 00:59 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-24 11:54 . 2013-09-24 11:54 96800 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-09-24 11:54 . 2013-09-24 11:54 709144 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-09-24 11:54 . 2013-09-24 11:54 48872 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-09-24 11:54 . 2013-09-24 11:54 23168 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-09-24 11:53 . 2013-09-24 11:53 43216 ----a-w- c:\windows\system32\cmdcsr.dll
2013-09-24 11:53 . 2013-09-24 11:53 444392 ----a-w- c:\windows\system32\guard64.dll
2013-09-24 11:53 . 2013-09-24 11:53 354240 ----a-w- c:\windows\SysWow64\guard32.dll
2013-09-24 11:53 . 2013-09-24 11:53 347864 ----a-w- c:\windows\system32\cmdvrt64.dll
2013-09-24 11:53 . 2013-09-24 11:53 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2013-09-24 11:53 . 2013-09-24 11:53 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2013-09-24 11:53 . 2013-09-24 11:53 280792 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2013-09-08 02:30 . 2013-10-09 18:36 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-09 18:36 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-09 18:36 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-04 12:12 . 2013-10-09 18:30 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-09 18:30 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-09 18:30 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-09 18:30 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-09 18:30 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-09 18:30 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-09 18:30 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-29 02:17 . 2013-10-09 18:35 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-09 18:35 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-09 18:35 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-09 18:35 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-09 18:35 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-09 18:35 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-09 18:35 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-09 18:35 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-09 18:35 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-09 18:35 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-09 18:35 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-09 18:35 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-09 18:35 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-09 18:35 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-09 18:35 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-09 18:35 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-09 18:35 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-09 18:30 461312 ----a-w- c:\windows\system32\scavengeui.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Mefistos\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Mefistos\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Mefistos\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Mefistos\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\Mefistos\AppData\Roaming\uTorrent\uTorrent.exe" [2013-11-14 1036632]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2013-10-16 759496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"avgnt"="d:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-10-31 683576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"wextract_cleanup0"="c:\windows\system32\advpack.dll" [2009-07-14 126464]
.
c:\users\Mefistos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Mefistos\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-11-1 29769432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-4014770085-942429989-1528240531-1000\Scripts\Logoff\0\0]
"Script"=c:\program files\Bitdefender\Bitdefender\support.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
R2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
R2 AntiVirSchedulerService;Avira Scheduler;d:\program files (x86)\Avira\AntiVir Desktop\sched.exe;d:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
R2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\SftService.exe;c:\program files (x86)\Dell DataSafe Local Backup\SftService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
R2 VMwareHostd;VMware Workstation Server;d:\program files (x86)\vmware-hostd.exe;d:\program files (x86)\vmware-hostd.exe [x]
R2 vstor2-mntapi20-shared;Vstor2 MntApi 2.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi20-shared.sys;SysWOW64\drivers\vstor2-mntapi20-shared.sys [x]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
R3 AMPPAL;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
R3 AMPPALP;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_cdcecm;huawei_cdcecm;c:\windows\system32\DRIVERS\ew_jucdcecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcecm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0;PCDSRVC{D3412D80-CF3B4A27-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\my dell\pcdsrvc_x64.pkms;c:\program files\my dell\pcdsrvc_x64.pkms [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 AntiVirWebService;Avira Web Protection;d:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;d:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys;c:\windows\SYSNATIVE\DRIVERS\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys;c:\windows\SYSNATIVE\DRIVERS\tixhci.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-13 21:26 1214416 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.14\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-19 19:37]
.
2013-11-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4014770085-942429989-1528240531-1000Core.job
- c:\users\Mefistos\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-13 17:04]
.
2013-11-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4014770085-942429989-1528240531-1000UA.job
- c:\users\Mefistos\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-13 17:04]
.
2013-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-15 18:42]
.
2013-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-15 18:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Mefistos\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Mefistos\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Mefistos\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Mefistos\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-03-15 178960]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-03-27 11407120]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-15 171064]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-15 399416]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-15 441912]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-09-08 1424896]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144]
"IntelMyWiFiDashboard"="c:\program files\Intel\CCDashboard\bin\CCDashServer.exe" [2012-10-19 5004592]
"IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2013-07-17 4791024]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-11-11 1612504]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
LSP: %windir%\system32\vsocklib.dll
TCP: DhcpNameServer = 89.101.160.5 89.101.160.4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
c:\users\Mefistos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cardisabled\Facebook Messenger.lnk - c:\users\Mefistos\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\cardisabled\Start GeekBuddy.lnk - c:\program files\COMODO\GeekBuddy\launcher.exe "unit_manager.exe"
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{D3412D80-CF3B4A27-06020200}_0]
"ImagePath"="\??\c:\program files\my dell\pcdsrvc_x64.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4014770085-942429989-1528240531-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C9C395F7-E28D-56A0-57B3-E897D312D6D2}*]
@Allowed: (Read) (RestrictedCode)
"oalfpjcdbhejbmngemkijmalieakka"=hex:6a,61,6f,6c,66,65,6e,70,69,61,6f,6f,66,6d,
66,68,70,62,65,67,00,f3
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-11-15 16:57:12
ComboFix-quarantined-files.txt 2013-11-15 16:57
.
Před spuštěním: 14 874 329 088 bytes free
Po spuštění: 14 940 876 800 bytes free
.
- - End Of File - - 509B65491FE0D91428C8D6D407B5FB2A
A36C5E4F47E84449FF07ED3517B43A31

So far it seems to run 100% snappier.. I updated Flash and Java, and even YouTube stopped stuttering :)

Roli
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: preventive check-up

#7 Post by Roli »

Via Start >> Run, copy this into the box:

ComboFix /Uninstall

and press Enter.

This uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


Download and run OTMoveIt.

Into the left pane of the application, under Paste Instructions for Items to be Moved, copy this text:

Code:

:processes
explorer.exe       

:files 
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4014770085-942429989-1528240531-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4014770085-942429989-1528240531-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

:commands
[purity]
[emptytemp]
[start explorer]

Click MoveIt! and information about the performed action will appear in the right-hand green pane of the application; copy the contents of that pane here.

If the application asks for a restart, click YES.

In that case I want you to copy here the contents of the log saved in C:\_OTMoveIt\MovedFiles\
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:
