Internet Explorer - crashing

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads are locked once they are resolved, as are those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

marsell2607
Visitor
Posts: 27
Registered: 21 Jan 2014 01:35

Internet Explorer - crashing

#1 Post by marsell2607 »

Hi, I need to run Internet Explorer; after it starts it closes automatically, over and over again.
Thanks for your help.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:36:24, on 24. 11. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\CaptureScreenshotLite\CaptureScreenShot.exe
C:\Users\Marcel\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Marcel\Downloads\HiJackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: CPub Object - {696D8C1E-7039-40c8-9C66-07D9D2A2D00D} - C:\Program Files (x86)\AdCleaner\AdCleaner.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IFXSPMGT] "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Capture Screenshot lite] C:\Program Files (x86)\CaptureScreenshotLite\CaptureScreenShot.exe /minimized
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - Startup: Dropbox.lnk = Marcel\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager (mitsijm2013) - - C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16239 bytes

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Internet Explorer - crashing

#2 Post by Márty84 »

Hello :)

Are other browsers crashing too? Does it work in Safe Mode with Networking?

An HJT log on its own has been useless for several years now, especially on 64-bit systems.

So look a little higher up at that biiig colour-highlighted rectangle and post a log from RSITx64 http://images.malwareremoval.com/random/RSITx64.exe . Guide here http://forum.viry.cz/viewtopic.php?f=13&t=130786
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).
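
Why a HijackThis log misleads on 64-bit Windows, as an added example that is not part of the original posts: HijackThis 2.0.4 runs as a 32-bit process, so WOW64 file-system redirection sends its System32 lookups to SysWOW64 and 64-bit-only binaries such as lsass.exe are reported as "(file missing)". The Python code below separates those artifacts from missing-file entries that still deserve a look; the function names, the labels and the 64-bit host heuristic are assumptions of this example.

```python
import re
from collections import Counter

# Excerpt of the HijackThis log posted in this thread (lines copied from it).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
Platform: Windows 7 SP1 (WinNT 6.00.3505)
Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O2 - BHO: CPub Object - {696D8C1E-7039-40c8-9C66-07D9D2A2D00D} - C:\Program Files (x86)\AdCleaner\AdCleaner.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
"""

# A HijackThis entry line: section code (R0, O2, O23, ...), " - ", then the body.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
MISSING = "(file missing)"
# Paths a 32-bit process cannot see as written on 64-bit Windows.
SYSTEM32_RE = re.compile(r"^[a-z]:\\windows\\system32\\", re.IGNORECASE)
# Heuristic (assumption): these directories only exist on 64-bit Windows.
HOST64_RE = re.compile(r"\\Program Files \(x86\)\\|\\SysWOW64\\", re.IGNORECASE)


def is_64bit_host(log):
    """Guess from the paths in the log whether it came from 64-bit Windows."""
    return bool(HOST64_RE.search(log))


def parse_entries(log):
    """Return one dict per R*/O* entry: code, target path, missing flag."""
    entries = []
    for raw in log.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if not match:
            continue  # header, blank line or running-process path
        body = match.group("body")
        missing = body.endswith(MISSING)
        # The file the entry points at is the last " - " separated field.
        target = body.rsplit(" - ", 1)[-1]
        if missing:
            target = target[: -len(MISSING)].rstrip()
        entries.append({"code": match.group("code"), "target": target,
                        "missing": missing, "line": line})
    return entries


def classify(entry, host64):
    """Label an entry: present, likely-redirection-artifact or needs-review."""
    if not entry["missing"]:
        return "present"
    if host64 and SYSTEM32_RE.match(entry["target"]):
        # 32-bit scanner looked in SysWOW64 instead of the real System32.
        return "likely-redirection-artifact"
    return "needs-review"


def triage(log):
    """Count the labels and collect the entries that need a human look."""
    host64 = is_64bit_host(log)
    counts, review = Counter(), []
    for entry in parse_entries(log):
        label = classify(entry, host64)
        counts[label] += 1
        if label == "needs-review":
            review.append(entry)
    return counts, review


if __name__ == "__main__":
    counts, review = triage(SAMPLE_LOG)
    print(dict(counts))
    for entry in review:
        print("review:", entry["code"], entry["target"])
```

The same redirection applies to the registry: a 32-bit scanner reads the Wow6432Node view of HKLM\Software, so 64-bit BHOs and Run entries never appear in the log at all, and no post-processing can recover them.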

marsell2607
Visitor
Posts: 27
Registered: 21 Jan 2014 01:35

Re: Internet Explorer - crashing

#3 Post by marsell2607 »

Hello :)
No, no, only Internet Explorer crashes. I need to use it because of SharePoint, so I started it after a long time and it shuts down (after starting it closes within about 6 s and does not load any page). I have not tried Safe Mode yet.

Here is the log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Marcel at 2014-11-26 23:37:41
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 189 GB (42%) free of 455 GB
Total RAM: 8056 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:37:45, on 26. 11. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\CaptureScreenshotLite\CaptureScreenShot.exe
C:\Users\Marcel\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Marcel.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: CPub Object - {696D8C1E-7039-40c8-9C66-07D9D2A2D00D} - C:\Program Files (x86)\AdCleaner\AdCleaner.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IFXSPMGT] "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Capture Screenshot lite] C:\Program Files (x86)\CaptureScreenshotLite\CaptureScreenShot.exe /minimized
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - Startup: Dropbox.lnk = Marcel\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager (mitsijm2013) - - C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16848 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\igfxCUIService.exe
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 29630080
\??\C:\windows\system32\conhost.exe "-1237315212-169629254189922416118821802331124936509-1862058825-1327849176836463900
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {EE991B6E-B967-4A5D-9A05-87A0078B2105}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\windows\SysWOW64\irstrtsv.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
adb fork-server server
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-96ee8d84-9420-4e53-a052-55372e2bd082 -SystemEventPortName:HostProcess-fd741d45-29f4-4ce6-8a09-42bc740fc32b -IoCancelEventPortName:HostProcess-80b379e7-6e54-4bc6-bc52-27caf1a51bb2 -NonStateChangingEventPortName:HostProcess-50d560c3-7b79-464a-b463-fcc2c8939b34 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4cd1ee3a-8bcd-45f3-89f1-46c7016251e4 -DeviceGroupId:
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\CaptureScreenshotLite\CaptureScreenShot.exe" /minimized
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Users\Marcel\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4984.0.1554522576\5046062" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,16 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3621 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4984.1.2067327427\891261667" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4984.2.401922679\268841931" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4984.3.1050431318\216751264" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4984.4.101496396\605812634" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4984.5.544383301\683652491" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4984.6.2002659440\1779601981" /prefetch:673131151
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
-Minimized
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\splwow64.exe 8192
"C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Marcel\Desktop\Diplomová projekt makarsky.docx
"C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" /Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4984.69.200493906\438692621" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4984.74.661161576\69136031" /prefetch:673131151
"C:\windows\system32\calc.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4984.125.186062180\1361718167" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4984.128.1811726420\1938005633" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4984.129.149761923\1835727991" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll" --lang=sk --channel="4984.130.1707503321\1274981399" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4984.131.1181437787\512236919" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4984.134.430758269\1587101906" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4984.136.1794529047\756368831" /prefetch:673131151
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Marcel\Desktop\VSII\RSITx64.exe"
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HPCeeScheduleForMarcel.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMarcel (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-08-07 122488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{696D8C1E-7039-40c8-9C66-07D9D2A2D00D}]
CPub Object - C:\Program Files (x86)\AdCleaner\AdCleaner.dll [2005-07-07 573440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-03-15 178960]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2012-03-27 11407120]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-08-19 1664000]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2918656]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-10-12 2804976]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-10-21 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Capture Screenshot lite"=C:\Program Files (x86)\CaptureScreenshotLite\CaptureScreenShot.exe [2014-07-17 3469312]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-06-22 56128]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2012-07-19 133440]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-11-19 292088]
"YouCam Mirage"=c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-08-31 136488]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2012-08-31 167024]
"RemoteControl10"=c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-07-13 93296]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2012-08-07 12313720]
"IFXSPMGT"=c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2012-04-23 1128312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2013-07-18 683656]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2014-04-09 185144]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-05-16 336672]
""= []

C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Marcel\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-11-26 23:37:41 ----D---- C:\rsit
2014-11-26 23:37:41 ----D---- C:\Program Files\trend micro
2014-11-24 23:34:44 ----D---- C:\Program Files\Microsoft Silverlight
2014-11-24 23:34:44 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-11-24 23:29:43 ----HD---- C:\windows\msdownld.tmp
2014-11-24 22:57:31 ----SHD---- C:\$RECYCLE.BIN
2014-11-24 22:57:28 ----D---- C:\windows\temp
2014-11-24 22:57:26 ----A---- C:\ComboFix.txt
2014-11-24 22:48:18 ----D---- C:\ComboFix
2014-11-24 22:26:47 ----D---- C:\Program Files (x86)\MSXML 4.0
2014-11-24 00:36:28 ----D---- C:\Users\Marcel\AppData\Roaming\HTC
2014-11-24 00:36:18 ----D---- C:\Users\Marcel\AppData\Roaming\Apple Computer
2014-11-24 00:36:09 ----D---- C:\ProgramData\HTC
2014-11-24 00:34:58 ----D---- C:\Program Files (x86)\Spirent Communications
2014-11-24 00:34:58 ----D---- C:\Program Files (x86)\HTC
2014-11-21 21:32:39 ----D---- C:\Temp
2014-11-21 21:27:42 ----D---- C:\Program Files\Common Files\Autodesk Shared
2014-11-21 21:27:42 ----D---- C:\Program Files (x86)\DWG TrueView 2013
2014-11-21 21:26:13 ----D---- C:\Program Files (x86)\Microsoft WSE
2014-11-21 21:26:10 ----A---- C:\windows\system32\D3DCompiler_43.dll
2014-11-21 21:26:09 ----A---- C:\windows\SYSWOW64\d3dx11_43.dll
2014-11-21 21:26:09 ----A---- C:\windows\SYSWOW64\d3dcsx_43.dll
2014-11-21 21:26:09 ----A---- C:\windows\system32\d3dx11_43.dll
2014-11-21 21:26:09 ----A---- C:\windows\system32\d3dcsx_43.dll
2014-11-21 21:26:08 ----A---- C:\windows\SYSWOW64\d3dx10_43.dll
2014-11-21 21:26:08 ----A---- C:\windows\system32\d3dx10_43.dll
2014-11-21 21:25:59 ----A---- C:\windows\system32\D3DX9_43.dll
2014-11-21 21:24:33 ----D---- C:\Program Files (x86)\Autodesk
2014-11-21 19:52:44 ----D---- C:\Program Files (x86)\7-Zip
2014-11-21 19:49:50 ----D---- C:\Users\Marcel\AppData\Roaming\IGC
2014-11-21 19:49:32 ----D---- C:\Program Files (x86)\IGC
2014-11-20 23:14:40 ----A---- C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-11-19 23:02:24 ----D---- C:\Program Files (x86)\Good Timing
2014-11-19 22:49:16 ----A---- C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-11-19 22:43:30 ----A---- C:\windows\system32\drivers\jmcr.sys
2014-11-19 22:42:28 ----A---- C:\windows\system32\drivers\iusb3xhc.sys
2014-11-19 22:42:28 ----A---- C:\windows\system32\drivers\iusb3hub.sys
2014-11-19 22:42:28 ----A---- C:\windows\system32\drivers\iusb3hcs.sys
2014-11-19 22:39:28 ----A---- C:\windows\system32\NicInstC.dll
2014-11-19 22:39:28 ----A---- C:\windows\system32\e1cmsg.dll
2014-11-19 22:39:28 ----A---- C:\windows\system32\drivers\e1c62x64.sys
2014-11-19 22:35:50 ----D---- C:\Intel
2014-11-19 22:35:45 ----A---- C:\windows\SYSWOW64\Intel_OpenCL_ICD32.dll
2014-11-19 22:35:45 ----A---- C:\windows\system32\MetroIntelGenericUIFramework.dll
2014-11-19 22:35:45 ----A---- C:\windows\system32\Intel_OpenCL_ICD64.dll
2014-11-19 22:35:44 ----A---- C:\windows\SYSWOW64\IntelOpenCL32.dll
2014-11-19 22:35:44 ----A---- C:\windows\system32\IntelOpenCL64.dll
2014-11-19 22:35:43 ----A---- C:\windows\SYSWOW64\IntelCpHeciSvc.exe
2014-11-19 22:35:43 ----A---- C:\windows\system32\igfxCoIn_v3621.dll
2014-11-19 22:35:42 ----A---- C:\windows\system32\iglhsip64.dll
2014-11-19 22:35:41 ----A---- C:\windows\SYSWOW64\iglhsip32.dll
2014-11-19 22:35:40 ----A---- C:\windows\SYSWOW64\iglhcp32.dll
2014-11-19 22:35:40 ----A---- C:\windows\system32\iglhcp64.dll
2014-11-19 22:35:40 ----A---- C:\windows\system32\igfxOSP.dll
2014-11-19 22:35:40 ----A---- C:\windows\system32\igfxLHMLibv2_0.dll
2014-11-19 22:35:40 ----A---- C:\windows\system32\igfxLHMLib.dll
2014-11-19 22:35:39 ----A---- C:\windows\SYSWOW64\igfxexps32.dll
2014-11-19 22:35:39 ----A---- C:\windows\system32\igfxLHM.dll
2014-11-19 22:35:39 ----A---- C:\windows\system32\igfxHK.exe
2014-11-19 22:35:39 ----A---- C:\windows\system32\igfxext.exe
2014-11-19 22:35:39 ----A---- C:\windows\system32\igfxexps.dll
2014-11-19 22:35:39 ----A---- C:\windows\system32\igfxEMLibv2_0.dll
2014-11-19 22:35:39 ----A---- C:\windows\system32\igfxEMLib.dll
2014-11-19 22:35:38 ----A---- C:\windows\system32\igfxEM.exe
2014-11-19 22:35:38 ----A---- C:\windows\system32\igfxDTCM.dll
2014-11-19 22:35:38 ----A---- C:\windows\system32\igfxDILibv2_0.dll
2014-11-19 22:35:38 ----A---- C:\windows\system32\igfxDILib.dll
2014-11-19 22:35:38 ----A---- C:\windows\system32\igfxDI.dll
2014-11-19 22:35:37 ----A---- C:\windows\SYSWOW64\igfxcmrt32.dll
2014-11-19 22:35:37 ----A---- C:\windows\system32\igfxDHLibv2_0.dll
2014-11-19 22:35:37 ----A---- C:\windows\system32\igfxDHLib.dll
2014-11-19 22:35:37 ----A---- C:\windows\system32\igfxDH.dll
2014-11-19 22:35:37 ----A---- C:\windows\system32\igfxCUIServicePS.dll
2014-11-19 22:35:37 ----A---- C:\windows\system32\igfxCUIService.exe
2014-11-19 22:35:37 ----A---- C:\windows\system32\igfxcmrt64.dll
2014-11-19 22:35:37 ----A---- C:\windows\system32\igfxcmjit64.dll
2014-11-19 22:35:36 ----A---- C:\windows\SYSWOW64\igfxcmjit32.dll
2014-11-19 22:35:36 ----A---- C:\windows\SYSWOW64\igfx11cmrt32.dll
2014-11-19 22:35:36 ----A---- C:\windows\SYSWOW64\igdusc32.dll
2014-11-19 22:35:36 ----A---- C:\windows\SYSWOW64\igdumdim32.dll
2014-11-19 22:35:36 ----A---- C:\windows\SYSWOW64\igdrcl32.dll
2014-11-19 22:35:36 ----A---- C:\windows\system32\igfx11cmrt64.dll
2014-11-19 22:35:36 ----A---- C:\windows\system32\igdusc64.dll
2014-11-19 22:35:36 ----A---- C:\windows\system32\igdumdim64.dll
2014-11-19 22:35:36 ----A---- C:\windows\system32\igdrcl64.dll
2014-11-19 22:35:35 ----A---- C:\windows\SYSWOW64\igdmd32.dll
2014-11-19 22:35:35 ----A---- C:\windows\system32\igdmd64.dll
2014-11-19 22:35:34 ----A---- C:\windows\system32\drivers\igdkmd64.sys
2014-11-19 22:35:33 ----A---- C:\windows\SYSWOW64\igdfcl32.dll
2014-11-19 22:35:33 ----A---- C:\windows\SYSWOW64\igdde32.dll
2014-11-19 22:35:33 ----A---- C:\windows\SYSWOW64\igdbcl32.dll
2014-11-19 22:35:33 ----A---- C:\windows\SYSWOW64\igdail32.dll
2014-11-19 22:35:33 ----A---- C:\windows\SYSWOW64\igd10iumd32.dll
2014-11-19 22:35:33 ----A---- C:\windows\SYSWOW64\ig7icd32.dll
2014-11-19 22:35:33 ----A---- C:\windows\system32\igdfcl64.dll
2014-11-19 22:35:33 ----A---- C:\windows\system32\igdde64.dll
2014-11-19 22:35:33 ----A---- C:\windows\system32\igdbcl64.dll
2014-11-19 22:35:33 ----A---- C:\windows\system32\igdail64.dll
2014-11-19 22:35:33 ----A---- C:\windows\system32\igd10iumd64.dll
2014-11-19 22:35:33 ----A---- C:\windows\system32\ig7icd64.dll
2014-11-19 22:35:31 ----A---- C:\windows\system32\Gfxv4_0.exe
2014-11-19 22:35:31 ----A---- C:\windows\system32\Gfxv2_0.exe
2014-11-19 22:35:31 ----A---- C:\windows\system32\GfxUIEx.exe
2014-11-19 22:35:31 ----A---- C:\windows\system32\DPTopologyAppv2_0.exe
2014-11-19 22:35:31 ----A---- C:\windows\system32\DPTopologyApp.exe
2014-11-19 22:35:31 ----A---- C:\windows\system32\difx64.exe
2014-11-19 22:35:31 ----A---- C:\windows\system32\CustomModeAppv2_0.exe
2014-11-19 22:35:30 ----A---- C:\windows\system32\drivers\IntcDAud.sys
2014-11-19 22:35:30 ----A---- C:\windows\system32\CustomModeApp.exe
2014-11-19 22:21:30 ----D---- C:\Program Files (x86)\Cisco
2014-11-19 22:13:17 ----A---- C:\windows\system32\KBDTUQ.DLL
2014-11-19 22:13:17 ----A---- C:\windows\system32\KBDTUF.DLL
2014-11-19 22:13:16 ----A---- C:\windows\SYSWOW64\KBDTUQ.DLL
2014-11-19 22:13:16 ----A---- C:\windows\SYSWOW64\KBDTUF.DLL
2014-11-19 17:16:10 ----A---- C:\windows\SYSWOW64\pku2u.dll
2014-11-19 17:16:10 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-11-19 17:16:10 ----A---- C:\windows\system32\pku2u.dll
2014-11-19 17:16:10 ----A---- C:\windows\system32\kerberos.dll
2014-11-15 11:01:15 ----D---- C:\Users\Marcel\AppData\Roaming\CyberLink
2014-11-13 17:16:38 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-11-13 17:16:38 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-11-13 17:16:37 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-11-13 17:16:37 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-11-13 17:16:37 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-13 17:16:37 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-11-13 17:16:37 ----A---- C:\windows\system32\iernonce.dll
2014-11-13 17:16:37 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-11-13 17:16:37 ----A---- C:\windows\system32\ieetwcollector.exe
2014-11-13 17:16:37 ----A---- C:\windows\system32\ie4uinit.exe
2014-11-13 17:16:36 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-11-13 17:16:36 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-11-13 17:16:36 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 17:16:35 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-11-13 17:16:34 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-11-13 17:16:34 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-11-13 17:16:34 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-11-13 17:16:34 ----A---- C:\windows\system32\urlmon.dll
2014-11-13 17:16:34 ----A---- C:\windows\system32\iedkcs32.dll
2014-11-13 17:16:33 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-11-13 17:16:33 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-11-13 17:16:33 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-11-13 17:16:33 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-11-13 17:16:32 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-11-13 17:16:32 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-11-13 17:16:32 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-13 17:16:32 ----A---- C:\windows\system32\msfeeds.dll
2014-11-13 17:16:32 ----A---- C:\windows\system32\dxtrans.dll
2014-11-13 17:16:31 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-11-13 17:16:31 ----A---- C:\windows\system32\iesetup.dll
2014-11-13 17:16:31 ----A---- C:\windows\system32\ieapfltr.dll
2014-11-13 17:16:30 ----A---- C:\windows\system32\iertutil.dll
2014-11-13 17:16:29 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-11-13 17:16:29 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-11-13 17:16:29 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-11-13 17:16:28 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-11-13 17:16:28 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-11-13 17:16:28 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-11-13 17:16:28 ----A---- C:\windows\system32\jsproxy.dll
2014-11-13 17:16:28 ----A---- C:\windows\system32\ieUnatt.exe
2014-11-13 17:16:27 ----A---- C:\windows\system32\ieui.dll
2014-11-13 17:16:27 ----A---- C:\windows\system32\dxtmsft.dll
2014-11-13 17:16:26 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-11-13 17:16:26 ----A---- C:\windows\system32\mshtmled.dll
2014-11-13 17:16:26 ----A---- C:\windows\system32\ieframe.dll
2014-11-13 17:16:25 ----A---- C:\windows\system32\wininet.dll
2014-11-13 17:16:25 ----A---- C:\windows\system32\vbscript.dll
2014-11-13 17:16:25 ----A---- C:\windows\system32\jscript9diag.dll
2014-11-13 17:16:25 ----A---- C:\windows\system32\jscript9.dll
2014-11-13 17:16:24 ----A---- C:\windows\system32\msrating.dll
2014-11-13 17:16:24 ----A---- C:\windows\system32\MshtmlDac.dll
2014-11-13 17:16:23 ----A---- C:\windows\system32\mshtml.dll
2014-11-13 17:15:09 ----A---- C:\windows\system32\generaltel.dll
2014-11-13 17:15:09 ----A---- C:\windows\system32\aepdu.dll
2014-11-13 17:15:08 ----A---- C:\windows\system32\aeinv.dll
2014-11-13 17:15:02 ----A---- C:\windows\system32\termsrv.dll
2014-11-13 17:15:01 ----A---- C:\windows\SYSWOW64\adtschema.dll
2014-11-13 17:15:01 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2014-11-13 17:15:01 ----A---- C:\windows\system32\adtschema.dll
2014-11-13 17:15:00 ----A---- C:\windows\SYSWOW64\msaudite.dll
2014-11-13 17:15:00 ----A---- C:\windows\system32\msaudite.dll
2014-11-13 17:15:00 ----A---- C:\windows\system32\lsasrv.dll
2014-11-13 17:14:59 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-11-13 17:14:59 ----A---- C:\windows\SYSWOW64\secur32.dll
2014-11-13 07:34:37 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-11-13 07:34:37 ----A---- C:\windows\system32\msxml3.dll
2014-11-13 07:34:36 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2014-11-13 07:34:36 ----A---- C:\windows\system32\msxml3r.dll
2014-11-13 07:34:35 ----A---- C:\windows\SYSWOW64\IMJP10K.DLL
2014-11-13 07:34:35 ----A---- C:\windows\system32\IMJP10K.DLL
2014-11-13 07:34:32 ----A---- C:\windows\system32\AUDIOKSE.dll
2014-11-13 07:34:31 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2014-11-13 07:34:31 ----A---- C:\windows\system32\EncDump.dll
2014-11-13 07:34:31 ----A---- C:\windows\system32\audiosrv.dll
2014-11-13 07:34:31 ----A---- C:\windows\system32\AudioSes.dll
2014-11-13 07:34:31 ----A---- C:\windows\system32\AudioEng.dll
2014-11-13 07:34:30 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2014-11-13 07:34:30 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2014-11-13 07:34:25 ----A---- C:\windows\system32\schannel.dll
2014-11-13 07:34:24 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-11-13 07:34:24 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2014-11-13 07:34:24 ----A---- C:\windows\system32\ncrypt.dll
2014-11-13 07:34:17 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-11-13 07:34:15 ----A---- C:\windows\system32\msv1_0.dll
2014-11-13 07:34:13 ----A---- C:\windows\system32\wdigest.dll
2014-11-13 07:34:08 ----A---- C:\windows\system32\TSpkg.dll
2014-11-13 07:03:42 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-11-13 07:03:41 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-11-13 07:03:40 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-11-13 07:03:40 ----A---- C:\windows\system32\credssp.dll
2014-11-13 07:03:19 ----A---- C:\windows\SYSWOW64\packager.dll
2014-11-13 07:03:19 ----A---- C:\windows\system32\packager.dll
2014-11-13 07:03:17 ----A---- C:\windows\system32\win32k.sys
2014-11-13 07:03:12 ----A---- C:\windows\SYSWOW64\msi.dll
2014-11-13 07:03:12 ----A---- C:\windows\system32\msi.dll
2014-11-13 07:02:59 ----A---- C:\windows\system32\oleaut32.dll
2014-11-13 07:02:58 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2014-11-04 19:37:53 ----D---- C:\GOG Games

======List of files/folders modified in the last 1 month======

2014-11-26 23:37:41 ----RD---- C:\Program Files
2014-11-26 17:34:24 ----D---- C:\windows\system32\config
2014-11-26 17:26:01 ----D---- C:\windows\System32
2014-11-26 17:26:01 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-11-26 17:26:00 ----D---- C:\windows\inf
2014-11-26 17:23:22 ----A---- C:\windows\SYSWOW64\log.txt
2014-11-26 17:21:28 ----D---- C:\Users\Marcel\AppData\Roaming\Dropbox
2014-11-26 17:20:34 ----D---- C:\ProgramData\PDFC
2014-11-25 23:33:53 ----D---- C:\Program Files (x86)\FastShare
2014-11-24 23:35:45 ----SHD---- C:\windows\Installer
2014-11-24 23:35:45 ----SD---- C:\ProgramData\Microsoft
2014-11-24 23:34:44 ----D---- C:\Program Files (x86)
2014-11-24 23:34:32 ----SHD---- C:\System Volume Information
2014-11-24 23:34:27 ----D---- C:\Program Files\Internet Explorer
2014-11-24 23:30:29 ----D---- C:\Windows
2014-11-24 22:57:29 ----D---- C:\Qoobox
2014-11-24 22:55:35 ----A---- C:\windows\system.ini
2014-11-24 22:55:30 ----D---- C:\windows\system32\drivers\etc
2014-11-24 22:55:04 ----D---- C:\windows\Downloaded Program Files
2014-11-24 22:55:04 ----D---- C:\ProgramData
2014-11-24 22:53:05 ----D---- C:\windows\SYSWOW64\drivers
2014-11-24 22:53:05 ----D---- C:\windows\SysWOW64
2014-11-24 22:53:05 ----D---- C:\windows\AppPatch
2014-11-24 22:53:04 ----D---- C:\Program Files (x86)\Common Files
2014-11-24 22:48:11 ----D---- C:\windows\system32\drivers
2014-11-24 22:48:04 ----D---- C:\windows\Prefetch
2014-11-24 22:27:05 ----D---- C:\windows\winsxs
2014-11-24 00:35:59 ----RSD---- C:\windows\Fonts
2014-11-24 00:35:20 ----D---- C:\windows\system32\DriverStore
2014-11-24 00:35:14 ----D---- C:\windows\system32\catroot
2014-11-23 20:38:02 ----D---- C:\Users\Marcel\AppData\Roaming\vlc
2014-11-23 11:45:36 ----D---- C:\windows\Tasks
2014-11-23 11:45:36 ----D---- C:\windows\system32\Tasks
2014-11-23 11:43:56 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-23 11:31:23 ----D---- C:\windows\Microsoft.NET
2014-11-21 21:54:34 ----AD---- C:\ProgramData\Temp
2014-11-21 21:47:54 ----D---- C:\Users\Marcel\AppData\Roaming\Autodesk
2014-11-21 21:45:18 ----D---- C:\ProgramData\Autodesk
2014-11-21 21:43:36 ----RSD---- C:\windows\assembly
2014-11-21 21:43:15 ----D---- C:\Program Files\Autodesk
2014-11-21 21:27:42 ----D---- C:\Program Files\Common Files
2014-11-21 21:26:13 ----SD---- C:\Users\Marcel\AppData\Roaming\Microsoft
2014-11-21 21:25:39 ----D---- C:\windows\Logs
2014-11-21 21:25:32 ----D---- C:\Program Files (x86)\Microsoft Office
2014-11-21 21:22:03 ----D---- C:\Users\Marcel\AppData\Roaming\DAEMON Tools Lite
2014-11-21 19:11:04 ----D---- C:\ProgramData\FLEXnet
2014-11-21 00:16:38 ----D---- C:\Users\Marcel\AppData\Roaming\Skype
2014-11-19 22:43:30 ----D---- C:\swsetup
2014-11-19 22:42:26 ----A---- C:\windows\system32\drivers\USB3Ver.dll
2014-11-19 22:38:22 ----D---- C:\Program Files (x86)\Intel
2014-11-19 22:38:08 ----D---- C:\windows\system32\catroot2
2014-11-19 22:37:57 ----D---- C:\Program Files\Intel
2014-11-19 22:35:09 ----A---- C:\windows\system32\OpenCL.dll
2014-11-19 22:35:08 ----A---- C:\windows\SYSWOW64\OpenCL.dll
2014-11-19 22:35:03 ----A---- C:\windows\system32\igfxTray.exe
2014-11-19 22:31:01 ----D---- C:\windows\Hewlett-Packard
2014-11-19 22:22:39 ----D---- C:\ProgramData\Intel
2014-11-19 22:21:30 ----D---- C:\Program Files\Common Files\Intel
2014-11-19 22:12:36 ----D---- C:\windows\SoftwareDistribution
2014-11-19 22:12:33 ----D---- C:\Program Files (x86)\Hewlett-Packard
2014-11-19 22:05:31 ----D---- C:\windows\debug
2014-11-16 17:54:49 ----D---- C:\windows\rescache
2014-11-14 14:09:02 ----SD---- C:\windows\system32\CompatTel
2014-11-14 14:09:01 ----D---- C:\windows\SYSWOW64\en-US
2014-11-14 14:09:00 ----D---- C:\windows\system32\en-US
2014-11-14 14:08:58 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-14 10:38:50 ----D---- C:\ProgramData\Microsoft Help
2014-11-13 19:40:14 ----D---- C:\Users\Marcel\AppData\Roaming\Adobe
2014-11-13 07:36:51 ----D---- C:\windows\system32\MRT
2014-11-13 06:55:42 ----A---- C:\windows\system32\MRT.exe
2014-11-08 12:38:50 ----D---- C:\ProgramData\Skype
2014-11-04 14:30:58 ----N---- C:\windows\system32\MpSigStub.exe
2014-10-27 21:31:26 ----D---- C:\Program Files (x86)\Age of Empires II HD The Forgotten

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-09-08 31040]
R0 iaStor;Intel RAID Controller; C:\windows\system32\drivers\iaStor.sys [2012-05-30 569152]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\windows\system32\DRIVERS\iusb3hcs.sys [2014-11-19 20464]
R0 MfeEpeOpal;MfeEpeOpal; C:\windows\system32\drivers\MfeEpeOpal.sys [2012-07-12 90736]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2012-07-12 158832]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-05-13 283064]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\windows\System32\drivers\psd.sys [2010-01-26 44576]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2010-12-21 170640]
R2 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2010-12-21 50624]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2013-04-10 11576]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-09-08 43328]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2012-07-18 198144]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2012-10-18 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2012-02-13 95232]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2012-02-13 747008]
R3 clwvd;CyberLink Webcam Sharing Manager; C:\windows\system32\DRIVERS\clwvd.sys [2012-08-28 40944]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2014-05-02 495376]
R3 Epfwndis;Eset Personal Firewall; C:\windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 34144]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2013-11-19 26936]
R3 ibtfltcoex;ibtfltcoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2012-03-21 60928]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-11-19 3791872]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-11-19 450520]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\windows\system32\DRIVERS\iusb3hub.sys [2014-11-19 358896]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\windows\system32\DRIVERS\iusb3xhc.sys [2014-11-19 795632]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2014-11-19 176880]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys [2012-07-02 62784]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\Netwsw00.sys [2012-09-30 11523072]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-10-12 34544]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-08-19 542208]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2014-10-12 549104]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 asezsoxy;asezsoxy; \??\C:\windows\system32\drivers\asezsoxy.sys []
S1 gcgqynzc;gcgqynzc; \??\C:\windows\system32\drivers\gcgqynzc.sys []
S1 nrtpdhfc;nrtpdhfc; \??\C:\windows\system32\drivers\nrtpdhfc.sys []
S1 qgiatgvz;qgiatgvz; \??\C:\windows\system32\drivers\qgiatgvz.sys []
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-07-18 198144]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2012-09-04 64832]
S3 dmvsc;dmvsc; C:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HTCAND64;HTC Device Driver; C:\windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\windows\system32\DRIVERS\htcnprot.sys [2013-10-17 36928]
S3 irstrtdv;Intel(R) Rapid Start Technology Driver; C:\windows\system32\DRIVERS\irstrtdv.sys [2012-05-17 26504]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 rtsuvc;HP HD Webcam [Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2012-06-15 8222736]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SmbDrv;SmbDrv; C:\windows\system32\drivers\Smb_driver_AMDASF.sys [2012-08-25 41272]
S3 StillCam;Still Serial Digital Camera Driver; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-18 659472]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-03-27 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-03-27 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-01-12 810144]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-08-23 629040]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-08-07 378488]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2014-05-16 683296]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-09-08 33600]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2014-06-27 87368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-06-22 13632]
R2 IFXSpMgtSrv;Security Platform Management Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2012-04-23 1128312]
R2 IFXTCS;Trusted Platform Core Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [2012-04-23 984440]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-11-19 315352]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-19 129856]
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\windows\SysWOW64\irstrtsv.exe [2012-05-16 193536]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2012-07-11 1327104]
R2 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager; C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [2012-04-22 339776]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2013-07-18 1143432]
R2 PersonalSecureDriveService;Personal Secure Drive Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [2012-04-23 212344]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-08-23 149296]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-08-19 323072]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2012-07-19 2714232]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-03-27 1304912]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2014-04-09 1448248]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2012-07-21 494456]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-12 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-18 253600]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-11-19 279000]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 42360]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2012-09-04 477088]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-05-15 1432400]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-12 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 50942144]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-08-23 272688]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: internet explorer - crashing

#4 Post by Márty84 »

:???: Can you tell me why you ran ComboFix? Do you know how to use it?

If you had read the forum rules http://forum.viry.cz/viewtopic.php?f=12&t=5601 , you would have found, among other things, this:
2. Before asking a question, use the Search button. Someone may already have dealt with a problem similar to yours. However, if various utilities\applications are applied in a solved thread, do not run them. Utilities are used only on a helper's instruction, because they can erase traces of malware, and in the hands of a non-expert their use can have unforeseeable consequences.

3. In particular, do not run the ComboFix utility, even if a friend\some would-be expert website recommended it to you. Our forum is the only one of the CZ-SK antivirus forums that has the right to analyze ComboFix logs, and we also have the full support of the utility's author and access to the most up-to-date information and guides.
CF erases all traces of any infection, and now all I can do is work from nothing, as the saying goes :x
And this is the second time already!!! I'll try to look at it, but if it happens once more, help will be refused.
I also warn you that this may drag on and the result is not at all certain :boxed:



:arrow: Copy the ComboFix log here for me. It is here:
2014-11-24 22:57:26 ----A---- C:\ComboFix.txt
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you are waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

marsell2607
Visitor
Posts: 27
Registered: 21 Jan 2014 01:35

Re: internet explorer - crashing

#5 Post by marsell2607 »

Hello, I ran ComboFix because I thought it would get Internet Explorer working, but somehow it didn't help, so only after that did I turn to the forum here.

Here you go:
ComboFix 14-11-24.02 - Marcel . 11. 2014 22:50:02.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.8056.5047 [GMT 1:00]
Running from: c:\users\Marcel\Desktop\hudba\mp3\lenovo\skola\skola stolovy pc\ComboFix.exe
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
.
.
((((((((((((((((((((((((( Files Created from 2014-10-24 to 2014-11-24 )))))))))))))))))))))))))))))))
.
.
2014-11-24 21:55 . 2014-11-24 21:55 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-11-24 21:55 . 2014-11-24 21:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-24 21:33 . 2014-11-24 21:33 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD6EAF7A-721E-419F-9ED0-8F06E4B51D65}\offreg.dll
2014-11-24 21:26 . 2014-11-24 21:26 -------- d-----w- c:\program files (x86)\MSXML 4.0
2014-11-23 23:36 . 2014-11-23 23:36 -------- d-----w- c:\users\Marcel\AppData\Roaming\HTC
2014-11-23 23:36 . 2014-11-24 21:24 -------- d-----w- c:\users\Marcel\AppData\Local\HTC MediaHub
2014-11-23 23:36 . 2014-11-23 23:36 -------- d-----w- c:\users\Marcel\AppData\Roaming\Apple Computer
2014-11-23 23:36 . 2014-11-23 23:36 -------- d-----w- c:\users\Marcel\AppData\Local\Apple Computer
2014-11-23 23:36 . 2014-11-23 23:36 -------- d-----w- c:\users\Marcel\.android
2014-11-23 23:36 . 2014-11-23 23:36 -------- d-----w- c:\programdata\HTC
2014-11-23 23:34 . 2014-11-23 23:35 -------- d-----w- c:\program files (x86)\HTC
2014-11-23 23:34 . 2014-11-23 23:34 -------- d-----w- c:\program files (x86)\Spirent Communications
2014-11-22 13:58 . 2014-11-17 01:08 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD6EAF7A-721E-419F-9ED0-8F06E4B51D65}\mpengine.dll
2014-11-21 20:47 . 2014-11-21 20:47 -------- d-----w- c:\users\Marcel\AppData\Local\Autodesk,_Inc
2014-11-21 20:47 . 2014-11-21 20:47 -------- d-----w- c:\users\Marcel\AppData\Local\Granta Design
2014-11-21 20:32 . 2014-11-21 20:32 -------- d-----w- C:\Temp
2014-11-21 20:27 . 2014-11-21 20:43 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2014-11-21 20:27 . 2014-11-21 20:27 -------- d-----w- c:\program files (x86)\DWG TrueView 2013
2014-11-21 20:26 . 2014-11-21 20:26 -------- d-----w- c:\program files (x86)\Microsoft WSE
2014-11-21 20:26 . 2010-05-26 10:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2014-11-21 20:26 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-11-21 20:26 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2014-11-21 20:26 . 2010-05-26 10:41 1907552 ----a-w- c:\windows\system32\d3dcsx_43.dll
2014-11-21 20:26 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\SysWow64\d3dcsx_43.dll
2014-11-21 20:26 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-11-21 20:26 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2014-11-21 20:25 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-11-21 20:24 . 2014-11-21 20:24 -------- d-----w- c:\program files (x86)\Autodesk
2014-11-21 18:52 . 2014-11-21 18:52 -------- d-----w- c:\program files (x86)\7-Zip
2014-11-21 18:49 . 2014-11-21 18:49 -------- d-----w- c:\users\Marcel\IGC
2014-11-21 18:49 . 2014-11-21 18:49 -------- d-----w- c:\users\Marcel\AppData\Roaming\IGC
2014-11-21 18:49 . 2014-11-21 18:49 -------- d-----w- c:\program files (x86)\IGC
2014-11-20 22:14 . 2014-11-20 22:14 144 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-11-19 22:02 . 2014-11-19 22:02 -------- d-----w- c:\program files (x86)\Good Timing
2014-11-19 21:54 . 2014-11-19 21:54 -------- d-sh--w- c:\users\Marcel\AppData\Local\EmieBrowserModeList
2014-11-19 21:49 . 2014-11-19 21:49 -------- d-sh--w- c:\users\Marcel\IntelGraphicsProfiles
2014-11-19 21:49 . 2014-11-19 21:49 451 ----a-w- c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-11-19 21:43 . 2014-11-19 21:43 176880 ----a-w- c:\windows\system32\drivers\jmcr.sys
2014-11-19 21:42 . 2014-11-19 21:42 795632 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2014-11-19 21:42 . 2014-11-19 21:42 358896 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2014-11-19 21:42 . 2014-11-19 21:42 20464 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2014-11-19 21:39 . 2014-05-02 11:02 495376 ----a-w- c:\windows\system32\drivers\e1c62x64.sys
2014-11-19 21:39 . 2013-07-25 02:08 73480 ----a-w- c:\windows\system32\e1cmsg.dll
2014-11-19 21:39 . 2013-07-11 02:27 89888 ----a-w- c:\windows\system32\NicInstC.dll
2014-11-19 21:21 . 2014-11-19 21:21 -------- d-----w- c:\program files (x86)\Cisco
2014-11-19 21:13 . 2012-09-04 06:55 8192 ----a-w- c:\windows\system32\KBDTUQ.DLL
2014-11-19 21:13 . 2012-09-04 06:55 8192 ----a-w- c:\windows\system32\KBDTUF.DLL
2014-11-19 21:13 . 2012-09-04 06:27 7680 ----a-w- c:\windows\SysWow64\KBDTUQ.DLL
2014-11-19 21:13 . 2012-09-04 06:27 7680 ----a-w- c:\windows\SysWow64\KBDTUF.DLL
2014-11-19 16:16 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 16:16 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 16:16 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-19 16:16 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-15 10:01 . 2014-11-15 10:01 -------- d-----w- c:\users\Marcel\AppData\Roaming\CyberLink
2014-11-15 10:01 . 2014-11-15 10:01 -------- d-----w- c:\users\Public\CyberLink
2014-11-15 10:01 . 2014-11-15 10:01 -------- d-----w- c:\users\Marcel\AppData\Local\CyberLink
2014-11-13 16:15 . 2014-11-05 17:56 304640 ----a-w- c:\windows\system32\generaltel.dll
2014-11-13 16:15 . 2014-11-05 17:56 228864 ----a-w- c:\windows\system32\aepdu.dll
2014-11-13 16:15 . 2014-11-05 17:52 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-11-13 16:15 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-11-13 16:15 . 2014-10-14 02:16 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-11-13 16:15 . 2014-10-14 02:07 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-11-13 16:15 . 2014-10-14 01:46 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-11-13 16:15 . 2014-10-14 02:12 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-11-13 16:15 . 2014-10-14 02:09 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-11-13 16:15 . 2014-10-14 01:47 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-11-13 16:14 . 2014-10-14 01:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-11-13 16:14 . 2014-10-14 01:49 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-11-13 06:03 . 2014-09-19 09:23 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-11-13 06:03 . 2014-09-19 09:23 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-11-13 06:03 . 2014-09-19 09:42 22016 ----a-w- c:\windows\system32\credssp.dll
2014-11-13 06:03 . 2014-09-19 09:23 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-11-13 06:03 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-13 06:03 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-13 06:03 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-13 06:03 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-13 06:03 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-11-13 06:02 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-13 06:02 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-04 18:37 . 2014-11-04 18:37 -------- d-----w- C:\GOG Games
2014-11-02 12:14 . 2014-11-02 12:14 -------- d-----w- c:\users\Marcel\AppData\Local\Diagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-19 21:42 . 2013-04-07 06:05 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll
2014-11-19 21:35 . 2012-09-02 17:10 64000 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-19 21:35 . 2012-09-02 17:10 60416 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-19 21:35 . 2012-09-02 21:21 444376 ----a-w- c:\windows\system32\igfxTray.exe
2014-11-13 05:55 . 2014-05-16 06:50 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-11-04 13:30 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-13 19:16 . 2014-10-13 19:16 249856 ------w- c:\windows\Setup1.exe
2014-10-13 19:16 . 2014-10-13 19:16 73216 ----a-w- c:\windows\ST6UNST.EXE
2014-10-12 11:34 . 2014-10-12 11:35 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2014-10-12 11:34 . 2014-10-12 11:35 549104 ----a-w- c:\windows\system32\drivers\SynTP.sys
2014-10-12 11:34 . 2014-10-12 11:35 422640 ----a-w- c:\windows\system32\SynTPCo19.dll
2014-10-12 11:34 . 2014-10-12 11:35 252144 ----a-w- c:\windows\system32\SynTPAPI.dll
2014-10-12 11:34 . 2014-10-12 11:35 169712 ----a-w- c:\windows\SysWow64\SynTPCom.dll
2014-10-12 11:34 . 2014-10-12 11:35 723184 ----a-w- c:\windows\system32\SynCOM.dll
2014-10-12 11:34 . 2014-10-12 11:35 400624 ----a-w- c:\windows\SysWow64\SynCom.dll
2014-10-12 11:34 . 2014-10-12 11:35 34544 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2014-10-12 11:34 . 2014-10-12 11:35 161880 ----a-w- c:\windows\system32\pca-manta.bin
2014-10-12 11:34 . 2014-10-12 11:35 92 ----a-w- c:\windows\system32\calibration.bin
2014-09-25 02:08 . 2014-09-30 19:04 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-09-30 19:04 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-19 09:23 . 2014-11-13 06:34 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-09-09 22:11 . 2014-09-24 20:18 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-24 20:18 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-04 05:23 . 2014-10-15 16:21 424448 ----a-w- c:\windows\system32\rastls.dll
2014-09-04 05:04 . 2014-10-15 16:21 372736 ----a-w- c:\windows\SysWow64\rastls.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Capture Screenshot lite"="c:\program files (x86)\CaptureScreenshotLite\CaptureScreenShot.exe" [2014-07-17 3469312]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-26 6482200]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-06-22 56128]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-07-19 133440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-11-19 292088]
"YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2012-08-31 136488]
"YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2012-08-31 167024]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-07-13 93296]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2012-08-07 12313720]
"IFXSPMGT"="c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" [2012-04-23 1128312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2013-07-18 683656]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2014-04-09 185144]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2014-05-16 336672]
.
c:\users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Marcel\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-11-13 35419192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2012-09-04 22:44 75680 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R1 asezsoxy;asezsoxy;c:\windows\system32\drivers\asezsoxy.sys;c:\windows\SYSNATIVE\drivers\asezsoxy.sys [x]
R1 gcgqynzc;gcgqynzc;c:\windows\system32\drivers\gcgqynzc.sys;c:\windows\SYSNATIVE\drivers\gcgqynzc.sys [x]
R1 nrtpdhfc;nrtpdhfc;c:\windows\system32\drivers\nrtpdhfc.sys;c:\windows\SYSNATIVE\drivers\nrtpdhfc.sys [x]
R1 qgiatgvz;qgiatgvz;c:\windows\system32\drivers\qgiatgvz.sys;c:\windows\SYSNATIVE\drivers\qgiatgvz.sys [x]
R1 yaopjmli;yaopjmli;c:\windows\system32\drivers\yaopjmli.sys;c:\windows\SYSNATIVE\drivers\yaopjmli.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 irstrtdv;Intel(R) Rapid Start Technology Driver;c:\windows\system32\DRIVERS\irstrtdv.sys;c:\windows\SYSNATIVE\DRIVERS\irstrtdv.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 rtsuvc;HP HD Webcam [Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
R3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys;c:\windows\SYSNATIVE\drivers\psd.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 irstrtsv;Intel(R) Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe;c:\windows\SysWOW64\irstrtsv.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink Webcam Sharing Manager;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-11 19:32 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.122\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-18 01:35]
.
2014-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-12 18:55]
.
2014-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-12 18:55]
.
2014-11-24 c:\windows\Tasks\HPCeeScheduleForMarcel.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-03-15 178960]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-03-27 11407120]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-08-19 1664000]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2918656]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2012-03-09 462712]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-10-21 21720]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.100.1
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
"OOBETimer"=hex:ff,d5,71,d6,8b,6a,8d,6f,d5,33,93,fd
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-11-24 22:57:26
ComboFix-quarantined-files.txt 2014-11-24 21:57
ComboFix2.txt 2014-10-21 18:59
ComboFix3.txt 2014-10-08 18:16
.
Pre-Run: 205 911 617 536 bytes free
Post-Run: 206 248 046 592 bytes free
.
- - End Of File - - 0B5E79E50BB653EAEA72BA0DEB578CB9

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: internet explorer - crashes

#6 Post by Márty84 »

But you already ran CF on your own last time :twisted:


:arrow: Disable Windows Defender permanently.


:???: Is that ESET purchased, or cracked?



:!: Move ComboFix directly onto the desktop, otherwise it will not work!
:arrow: Open Notepad and copy this script into it

Code:

KillAll::

File::
c:\windows\system32\drivers\asezsoxy.sys
c:\windows\system32\drivers\gcgqynzc.sys
c:\windows\system32\drivers\nrtpdhfc.sys
c:\windows\system32\drivers\qgiatgvz.sys
c:\windows\system32\drivers\yaopjmli.sys

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"CCleaner Monitoring"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=-
"Adobe ARM"=-
"PDF Complete"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\WPAEvents]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
asezsoxy
gcgqynzc
nrtpdhfc
qgiatgvz
yaopjmli
SkypeUpdate
NAUpdate

Reboot::

In the top left, click File.
Click Save As...
Type the name shown in red, CFScript, correctly and save it to the desktop.
Turn off the antivirus and any other security software.
Drag this newly created text document with the mouse over the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not boot after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows boots but an error is reported when launching various programs, just restart the PC and it will be fine
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

marsell2607
Visitor
Posts: 27
Registered: 21 Jan 2014 01:35

Re: internet explorer - crashes

#7 Post by marsell2607 »

After the restart the PC booted without problems. My ESET licence is valid until 31.12.2015.
I will no longer use ComboFix on my own without the advisers here on the forum.

Here you go:

ComboFix 14-11-25.01 - Marcel . 11. 2014 15:22:13.4.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.8056.5209 [GMT 1:00]
Running from: C:\Users\Marcel\Desktop\ComboFix.exe
Command switches used :: C:\Users\Marcel\Desktop\CFScript.txt
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point

FILE ::
"c:\windows\system32\drivers\asezsoxy.sys"
"c:\windows\system32\drivers\gcgqynzc.sys"
"c:\windows\system32\drivers\nrtpdhfc.sys"
"c:\windows\system32\drivers\qgiatgvz.sys"
"c:\windows\system32\drivers\yaopjmli.sys"


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\windows\msdownld.tmp


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_asezsoxy
-------\Service_gcgqynzc
-------\Service_NAUpdate
-------\Service_nrtpdhfc
-------\Service_qgiatgvz
-------\Service_SkypeUpdate
-------\Service_yaopjmli


((((((((((((((((((((((((( Files Created from 2014-10-28 to 2014-11-30 )))))))))))))))))))))))))))))))


2014-11-30 14:27:31 . 2014-11-30 14:27:31 -------- d-----w- C:\Users\Public\AppData\Local\temp
2014-11-30 14:27:31 . 2014-11-30 14:27:31 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-11-28 22:16:13 . 2014-11-17 01:08:10 11632448 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8C654560-B390-4A5E-B211-39C63C2D7DC0}\mpengine.dll
2014-11-26 22:37:41 . 2014-11-26 22:37:50 -------- d-----w- C:\rsit
2014-11-26 22:37:41 . 2014-11-26 22:37:45 -------- d-----w- C:\Program Files\trend micro
2014-11-24 22:34:44 . 2014-11-24 22:34:45 -------- d-----w- C:\Program Files\Microsoft Silverlight
2014-11-24 22:34:44 . 2014-11-24 22:34:45 -------- d-----w- C:\Program Files (x86)\Microsoft Silverlight
2014-11-24 21:26:47 . 2014-11-24 21:26:47 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2014-11-23 23:36:28 . 2014-11-23 23:36:35 -------- d-----w- C:\Users\Marcel\AppData\Roaming\HTC
2014-11-23 23:36:18 . 2014-11-30 14:30:08 -------- d-----w- C:\Users\Marcel\AppData\Local\HTC MediaHub
2014-11-23 23:36:18 . 2014-11-23 23:36:18 -------- d-----w- C:\Users\Marcel\AppData\Roaming\Apple Computer
2014-11-23 23:36:18 . 2014-11-23 23:36:18 -------- d-----w- C:\Users\Marcel\AppData\Local\Apple Computer
2014-11-23 23:36:10 . 2014-11-23 23:36:13 -------- d-----w- C:\Users\Marcel\.android
2014-11-23 23:36:09 . 2014-11-23 23:36:09 -------- d-----w- C:\ProgramData\HTC
2014-11-23 23:34:58 . 2014-11-23 23:35:39 -------- d-----w- C:\Program Files (x86)\HTC
2014-11-23 23:34:58 . 2014-11-23 23:34:58 -------- d-----w- C:\Program Files (x86)\Spirent Communications
2014-11-21 20:47:54 . 2014-11-21 20:47:54 -------- d-----w- C:\Users\Marcel\AppData\Local\Autodesk,_Inc
2014-11-21 20:47:39 . 2014-11-21 20:47:39 -------- d-----w- C:\Users\Marcel\AppData\Local\Granta Design
2014-11-21 20:32:39 . 2014-11-21 20:32:39 -------- d-----w- C:\Temp
2014-11-21 20:27:42 . 2014-11-21 20:43:14 -------- d-----w- C:\Program Files\Common Files\Autodesk Shared
2014-11-21 20:27:42 . 2014-11-21 20:27:42 -------- d-----w- C:\Program Files (x86)\DWG TrueView 2013
2014-11-21 20:26:13 . 2014-11-21 20:26:13 -------- d-----w- C:\Program Files (x86)\Microsoft WSE
2014-11-21 20:26:10 . 2010-05-26 10:41:02 2526056 ----a-w- C:\windows\system32\D3DCompiler_43.dll
2014-11-21 20:26:09 . 2010-05-26 10:41:02 276832 ----a-w- C:\windows\system32\d3dx11_43.dll
2014-11-21 20:26:09 . 2010-05-26 10:41:02 248672 ----a-w- C:\windows\SysWow64\d3dx11_43.dll
2014-11-21 20:26:09 . 2010-05-26 10:41:02 1907552 ----a-w- C:\windows\system32\d3dcsx_43.dll
2014-11-21 20:26:09 . 2010-05-26 10:41:02 1868128 ----a-w- C:\windows\SysWow64\d3dcsx_43.dll
2014-11-21 20:26:08 . 2010-05-26 10:41:02 511328 ----a-w- C:\windows\system32\d3dx10_43.dll
2014-11-21 20:26:08 . 2010-05-26 10:41:02 470880 ----a-w- C:\windows\SysWow64\d3dx10_43.dll
2014-11-21 20:25:59 . 2010-05-26 10:41:00 2401112 ----a-w- C:\windows\system32\D3DX9_43.dll
2014-11-21 20:24:33 . 2014-11-21 20:24:33 -------- d-----w- C:\Program Files (x86)\Autodesk
2014-11-21 18:52:44 . 2014-11-21 18:52:46 -------- d-----w- C:\Program Files (x86)\7-Zip
2014-11-21 18:49:50 . 2014-11-21 18:49:50 -------- d-----w- C:\Users\Marcel\IGC
2014-11-21 18:49:50 . 2014-11-21 18:49:50 -------- d-----w- C:\Users\Marcel\AppData\Roaming\IGC
2014-11-21 18:49:32 . 2014-11-21 18:49:32 -------- d-----w- C:\Program Files (x86)\IGC
2014-11-20 22:14:40 . 2014-11-20 22:14:40 144 ----a-w- C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-11-19 22:02:24 . 2014-11-19 22:02:25 -------- d-----w- C:\Program Files (x86)\Good Timing
2014-11-19 21:54:01 . 2014-11-19 21:54:01 -------- d-sh--w- C:\Users\Marcel\AppData\Local\EmieBrowserModeList
2014-11-19 21:49:24 . 2014-11-19 21:49:24 -------- d-sh--w- C:\Users\Marcel\IntelGraphicsProfiles
2014-11-19 21:49:16 . 2014-11-19 21:49:16 451 ----a-w- C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-11-19 21:43:30 . 2014-11-19 21:43:28 176880 ----a-w- C:\windows\system32\drivers\jmcr.sys
2014-11-19 21:42:28 . 2014-11-19 21:42:26 795632 ----a-w- C:\windows\system32\drivers\iusb3xhc.sys
2014-11-19 21:42:28 . 2014-11-19 21:42:25 358896 ----a-w- C:\windows\system32\drivers\iusb3hub.sys
2014-11-19 21:42:28 . 2014-11-19 21:42:25 20464 ----a-w- C:\windows\system32\drivers\iusb3hcs.sys
2014-11-19 21:39:28 . 2014-05-02 11:02:50 495376 ----a-w- C:\windows\system32\drivers\e1c62x64.sys
2014-11-19 21:39:28 . 2013-07-25 02:08:52 73480 ----a-w- C:\windows\system32\e1cmsg.dll
2014-11-19 21:39:28 . 2013-07-11 02:27:32 89888 ----a-w- C:\windows\system32\NicInstC.dll
2014-11-19 21:21:30 . 2014-11-19 21:21:30 -------- d-----w- C:\Program Files (x86)\Cisco
2014-11-19 21:13:17 . 2012-09-04 06:55:40 8192 ----a-w- C:\windows\system32\KBDTUQ.DLL
2014-11-19 21:13:17 . 2012-09-04 06:55:40 8192 ----a-w- C:\windows\system32\KBDTUF.DLL
2014-11-19 21:13:16 . 2012-09-04 06:27:10 7680 ----a-w- C:\windows\SysWow64\KBDTUQ.DLL
2014-11-19 21:13:16 . 2012-09-04 06:27:10 7680 ----a-w- C:\windows\SysWow64\KBDTUF.DLL
2014-11-19 16:16:10 . 2014-11-11 03:08:52 241152 ----a-w- C:\windows\system32\pku2u.dll
2014-11-19 16:16:10 . 2014-11-11 03:08:48 728064 ----a-w- C:\windows\system32\kerberos.dll
2014-11-19 16:16:10 . 2014-11-11 02:44:32 186880 ----a-w- C:\windows\SysWow64\pku2u.dll
2014-11-19 16:16:10 . 2014-11-11 02:44:25 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-11-15 10:01:15 . 2014-11-15 10:01:15 -------- d-----w- C:\Users\Marcel\AppData\Roaming\CyberLink
2014-11-15 10:01:10 . 2014-11-15 10:01:10 -------- d-----w- C:\Users\Public\CyberLink
2014-11-15 10:01:06 . 2014-11-15 10:01:06 -------- d-----w- C:\Users\Marcel\AppData\Local\CyberLink
2014-11-13 16:15:09 . 2014-11-05 17:56:54 304640 ----a-w- C:\windows\system32\generaltel.dll
2014-11-13 16:15:09 . 2014-11-05 17:56:36 228864 ----a-w- C:\windows\system32\aepdu.dll
2014-11-13 16:15:08 . 2014-11-05 17:52:22 424448 ----a-w- C:\windows\system32\aeinv.dll
2014-11-13 16:15:02 . 2014-10-14 02:13:06 683520 ----a-w- C:\windows\system32\termsrv.dll
2014-11-13 16:15:01 . 2014-10-14 02:16:37 155064 ----a-w- C:\windows\system32\drivers\ksecpkg.sys
2014-11-13 16:15:01 . 2014-10-14 02:07:31 681984 ----a-w- C:\windows\system32\adtschema.dll
2014-11-13 16:15:01 . 2014-10-14 01:46:02 681984 ----a-w- C:\windows\SysWow64\adtschema.dll
2014-11-13 16:15:00 . 2014-10-14 02:12:57 1460736 ----a-w- C:\windows\system32\lsasrv.dll
2014-11-13 16:15:00 . 2014-10-14 02:09:31 146432 ----a-w- C:\windows\system32\msaudite.dll
2014-11-13 16:15:00 . 2014-10-14 01:47:30 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2014-11-13 16:14:59 . 2014-10-14 01:50:47 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-11-13 16:14:59 . 2014-10-14 01:49:38 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-11-13 06:03:42 . 2014-09-19 09:23:55 172032 ----a-w- C:\windows\SysWow64\wdigest.dll
2014-11-13 06:03:41 . 2014-09-19 09:23:52 65536 ----a-w- C:\windows\SysWow64\TSpkg.dll
2014-11-13 06:03:40 . 2014-09-19 09:42:41 22016 ----a-w- C:\windows\system32\credssp.dll
2014-11-13 06:03:40 . 2014-09-19 09:23:36 17408 ----a-w- C:\windows\SysWow64\credssp.dll
2014-11-13 06:03:19 . 2014-10-25 01:57:59 77824 ----a-w- C:\windows\system32\packager.dll
2014-11-13 06:03:19 . 2014-10-25 01:32:37 67584 ----a-w- C:\windows\SysWow64\packager.dll
2014-11-13 06:03:17 . 2014-10-10 00:57:42 3198976 ----a-w- C:\windows\system32\win32k.sys
2014-11-13 06:03:12 . 2014-10-14 02:13:00 3241984 ----a-w- C:\windows\system32\msi.dll
2014-11-13 06:03:12 . 2014-10-14 01:50:41 2363904 ----a-w- C:\windows\SysWow64\msi.dll
2014-11-13 06:02:59 . 2014-10-18 02:05:23 861696 ----a-w- C:\windows\system32\oleaut32.dll
2014-11-13 06:02:58 . 2014-10-18 01:33:18 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
2014-11-04 18:37:53 . 2014-11-04 18:37:53 -------- d-----w- C:\GOG Games
2014-11-02 12:14:41 . 2014-11-02 12:14:41 -------- d-----w- C:\Users\Marcel\AppData\Local\Diagnostics
.


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-11-19 21:42:26 . 2013-04-07 06:05:24 41984 ----a-w- C:\windows\system32\drivers\USB3Ver.dll
2014-11-19 21:35:09 . 2012-09-02 17:10:28 64000 ----a-w- C:\windows\system32\OpenCL.dll
2014-11-19 21:35:08 . 2012-09-02 17:10:28 60416 ----a-w- C:\windows\SysWow64\OpenCL.dll
2014-11-19 21:35:03 . 2012-09-02 21:21:52 444376 ----a-w- C:\windows\system32\igfxTray.exe
2014-11-13 05:55:42 . 2014-05-16 06:50:30 103374192 ----a-w- C:\windows\system32\MRT.exe
2014-11-04 13:30:58 . 2010-11-21 03:27:21 275080 ------w- C:\windows\system32\MpSigStub.exe
2014-10-13 19:16:34 . 2014-10-13 19:16:34 249856 ------w- C:\windows\Setup1.exe
2014-10-13 19:16:33 . 2014-10-13 19:16:33 73216 ----a-w- C:\windows\ST6UNST.EXE
2014-10-12 11:34:54 . 2014-10-12 11:35:15 1795952 ----a-w- C:\windows\system32\WdfCoInstaller01011.dll
2014-10-12 11:34:51 . 2014-10-12 11:35:14 549104 ----a-w- C:\windows\system32\drivers\SynTP.sys
2014-10-12 11:34:51 . 2014-10-12 11:35:14 422640 ----a-w- C:\windows\system32\SynTPCo19.dll
2014-10-12 11:34:51 . 2014-10-12 11:35:14 252144 ----a-w- C:\windows\system32\SynTPAPI.dll
2014-10-12 11:34:51 . 2014-10-12 11:35:14 169712 ----a-w- C:\windows\SysWow64\SynTPCom.dll
2014-10-12 11:34:49 . 2014-10-12 11:35:12 723184 ----a-w- C:\windows\system32\SynCOM.dll
2014-10-12 11:34:49 . 2014-10-12 11:35:12 400624 ----a-w- C:\windows\SysWow64\SynCom.dll
2014-10-12 11:34:47 . 2014-10-12 11:35:11 34544 ----a-w- C:\windows\system32\drivers\Smb_driver_Intel.sys
2014-10-12 11:34:47 . 2014-10-12 11:35:11 161880 ----a-w- C:\windows\system32\pca-manta.bin
2014-10-12 11:34:46 . 2014-10-12 11:35:07 92 ----a-w- C:\windows\system32\calibration.bin
2014-09-25 02:08:38 . 2014-09-30 19:04:20 371712 ----a-w- C:\windows\system32\qdvd.dll
2014-09-25 01:40:50 . 2014-09-30 19:04:20 519680 ----a-w- C:\windows\SysWow64\qdvd.dll
2014-09-19 09:23:49 . 2014-11-13 06:34:24 248832 ----a-w- C:\windows\SysWow64\schannel.dll
2014-09-09 22:11:04 . 2014-09-24 20:18:01 2048 ----a-w- C:\windows\system32\tzres.dll
2014-09-09 21:47:10 . 2014-09-24 20:18:01 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2014-09-04 05:23:20 . 2014-10-15 16:21:31 424448 ----a-w- C:\windows\system32\rastls.dll
2014-09-04 05:04:15 . 2014-10-15 16:21:31 372736 ----a-w- C:\windows\SysWow64\rastls.dll


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04:54 131480 ----a-w- C:\Users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04:54 131480 ----a-w- C:\Users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04:54 131480 ----a-w- C:\Users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Capture Screenshot lite"="C:\Program Files (x86)\CaptureScreenshotLite\CaptureScreenShot.exe" [2014-07-17 09:57:46 3469312]
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-06-22 22:02:12 56128]
"IMSS"="C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-07-19 05:00:42 133440]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-11-19 21:42:25 292088]
"YouCam Mirage"="c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" [2012-08-31 16:42:22 136488]
"YouCam Tray"="c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" [2012-08-31 16:42:22 167024]
"File Sanitizer"="C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2012-08-07 20:15:48 12313720]
"IFXSPMGT"="c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" [2012-04-23 05:54:36 1128312]
"HPConnectionManager"="C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2014-04-09 13:17:20 185144]
"QLBController"="C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2014-05-16 08:59:30 336672]

C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - C:\Users\Marcel\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-11-13 35419192]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2012-09-04 22:44:54 75680 ----a-w- C:\Windows\System32\DeviceNP.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\windows\system32\DRIVERS\amppal.sys;C:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 DAMDrv;DAMDrv;C:\windows\system32\DRIVERS\DAMDrv64.sys;C:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 dmvsc;dmvsc;C:\windows\system32\drivers\dmvsc.sys;C:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 HTCAND64;HTC Device Driver;C:\windows\system32\Drivers\ANDROIDUSB.sys;C:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;C:\windows\system32\DRIVERS\htcnprot.sys;C:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\system32\IEEtwCollector.exe;C:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 irstrtdv;Intel(R) Rapid Start Technology Driver;C:\windows\system32\DRIVERS\irstrtdv.sys;C:\windows\SYSNATIVE\DRIVERS\irstrtdv.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 rtsuvc;HP HD Webcam [Fixed];C:\windows\system32\DRIVERS\rtsuvc.sys;C:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
R3 SmbDrv;SmbDrv;C:\windows\system32\drivers\Smb_driver_AMDASF.sys;C:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys;C:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys;C:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;C:\windows\system32\Wat\WatAdminSvc.exe;C:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0;C:\windows\system32\DRIVERS\iusb3hcs.sys;C:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\system32\DRIVERS\dtsoftbus01.sys;C:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;C:\windows\system32\DRIVERS\ehdrv.sys;C:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 PersonalSecureDrive;PersonalSecureDrive;C:\windows\System32\drivers\psd.sys;C:\windows\SYSNATIVE\drivers\psd.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 eamonm;eamonm;C:\windows\system32\DRIVERS\eamonm.sys;C:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 epfwwfp;epfwwfp;C:\windows\system32\DRIVERS\epfwwfp.sys;C:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;C:\windows\system32\Hpservice.exe;C:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\windows\system32\igfxCUIService.exe;C:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\Program Files\Intel\iCLS Client\HeciServer.exe;c:\Program Files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 irstrtsv;Intel(R) Rapid Start Technology Service;C:\windows\SysWOW64\irstrtsv.exe;C:\windows\SysWOW64\irstrtsv.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager;C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe;C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [x]
S2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [x]
S2 SSPORT;SSPORT;C:\windows\system32\Drivers\SSPORT.sys;C:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;C:\windows\system32\vcsFPService.exe;C:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\windows\system32\DRIVERS\AMPPAL.sys;C:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\system32\DRIVERS\btmaux.sys;C:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;C:\windows\system32\DRIVERS\btmhsf.sys;C:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink Webcam Sharing Manager;C:\windows\system32\DRIVERS\clwvd.sys;C:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
S3 ibtfltcoex;ibtfltcoex;C:\windows\system32\DRIVERS\iBtFltCoex.sys;C:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;C:\windows\system32\DRIVERS\IntcDAud.sys;C:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0;C:\windows\system32\DRIVERS\iusb3hub.sys;C:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible;C:\windows\system32\DRIVERS\iusb3xhc.sys;C:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 JMCR;JMCR;C:\windows\system32\DRIVERS\jmcr.sys;C:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 SmbDrvI;SmbDrvI;C:\windows\system32\DRIVERS\Smb_driver_Intel.sys;C:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]


[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-11 19:32:29 1089352 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\Installer\chrmstp.exe

Contents of the 'Scheduled Tasks' folder

2014-11-30 C:\windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-18 01:35:35 . 2012-10-18 01:35:35]

2014-11-30 C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-12 18:55:33 . 2014-08-12 18:55:27]

2014-11-30 C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-12 18:55:33 . 2014-08-12 18:55:27]

2014-11-30 C:\windows\Tasks\HPCeeScheduleForMarcel.job
- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43:00 . 2011-07-15 11:43:00]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04:54 164760 ----a-w- C:\Users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04:54 164760 ----a-w- C:\Users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04:54 164760 ----a-w- C:\Users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04:54 164760 ----a-w- C:\Users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BLEServicesCtrl"="C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-03-15 17:58:54 178960]
"BTMTrayAgent"="C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll" [2012-03-27 15:01:14 11407120]
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [2012-08-19 16:45:20 1664000]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2011-01-12 14:41:26 2918656]
"CDAServer"="C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe" [2012-03-09 07:58:54 462712]
"SynTPEnh"="C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 22:01:28 415680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-10-21 20:02:20 21720]

------- Supplementary Scan -------

uLocal Page = C:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = C:\Windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - C:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1

- - - - ORPHANS REMOVED - - - -

Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - C:\Program Files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: internet explorer - crashing

#8 Post by Márty84 »

marsell2607 wrote: I have the ESET licence until 31.12.2015.
And why do you have such an old version?

marsell2607 wrote: I will no longer use ComboFix on my own without the advisers here on the forum.
I hope so. You only harm yourself that way, because it then becomes harder to find the cause of the problem.


:???: But the CF log is not complete. Is there nothing more in it?
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

marsell2607
Visitor
Posts: 27
Registered: 21 Jan 2014 01:35

Re: internet explorer - crashing

#9 Post by marsell2607 »

Sorry, I did not copy the whole log. As for the antivirus, I have the business edition from school, but in my opinion it is not an effective antivirus. What do you recommend, avast home edition?
Thank you.




ComboFix 14-11-25.01 - Marcel . 11. 2014 15:22:13.4.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.8056.5209 [GMT 1:00]
Running from: c:\users\Marcel\Desktop\ComboFix.exe
Command switches used :: c:\users\Marcel\Desktop\CFScript.txt
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\windows\system32\drivers\asezsoxy.sys"
"c:\windows\system32\drivers\gcgqynzc.sys"
"c:\windows\system32\drivers\nrtpdhfc.sys"
"c:\windows\system32\drivers\qgiatgvz.sys"
"c:\windows\system32\drivers\yaopjmli.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_asezsoxy
-------\Service_gcgqynzc
-------\Service_NAUpdate
-------\Service_nrtpdhfc
-------\Service_qgiatgvz
-------\Service_SkypeUpdate
-------\Service_yaopjmli
.
.
((((((((((((((((((((((((( Files Created from 2014-10-28 to 2014-11-30 )))))))))))))))))))))))))))))))
.
.
2014-11-30 14:27 . 2014-11-30 14:27 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-11-30 14:27 . 2014-11-30 14:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-28 22:16 . 2014-11-17 01:08 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8C654560-B390-4A5E-B211-39C63C2D7DC0}\mpengine.dll
2014-11-26 22:37 . 2014-11-26 22:37 -------- d-----w- C:\rsit
2014-11-26 22:37 . 2014-11-26 22:37 -------- d-----w- c:\program files\trend micro
2014-11-24 22:34 . 2014-11-24 22:34 -------- d-----w- c:\program files\Microsoft Silverlight
2014-11-24 22:34 . 2014-11-24 22:34 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-11-24 21:26 . 2014-11-24 21:26 -------- d-----w- c:\program files (x86)\MSXML 4.0
2014-11-23 23:36 . 2014-11-23 23:36 -------- d-----w- c:\users\Marcel\AppData\Roaming\HTC
2014-11-23 23:36 . 2014-11-30 14:30 -------- d-----w- c:\users\Marcel\AppData\Local\HTC MediaHub
2014-11-23 23:36 . 2014-11-23 23:36 -------- d-----w- c:\users\Marcel\AppData\Roaming\Apple Computer
2014-11-23 23:36 . 2014-11-23 23:36 -------- d-----w- c:\users\Marcel\AppData\Local\Apple Computer
2014-11-23 23:36 . 2014-11-23 23:36 -------- d-----w- c:\users\Marcel\.android
2014-11-23 23:36 . 2014-11-23 23:36 -------- d-----w- c:\programdata\HTC
2014-11-23 23:34 . 2014-11-23 23:35 -------- d-----w- c:\program files (x86)\HTC
2014-11-23 23:34 . 2014-11-23 23:34 -------- d-----w- c:\program files (x86)\Spirent Communications
2014-11-21 20:47 . 2014-11-21 20:47 -------- d-----w- c:\users\Marcel\AppData\Local\Autodesk,_Inc
2014-11-21 20:47 . 2014-11-21 20:47 -------- d-----w- c:\users\Marcel\AppData\Local\Granta Design
2014-11-21 20:32 . 2014-11-21 20:32 -------- d-----w- C:\Temp
2014-11-21 20:27 . 2014-11-21 20:43 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2014-11-21 20:27 . 2014-11-21 20:27 -------- d-----w- c:\program files (x86)\DWG TrueView 2013
2014-11-21 20:26 . 2014-11-21 20:26 -------- d-----w- c:\program files (x86)\Microsoft WSE
2014-11-21 20:26 . 2010-05-26 10:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2014-11-21 20:26 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-11-21 20:26 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2014-11-21 20:26 . 2010-05-26 10:41 1907552 ----a-w- c:\windows\system32\d3dcsx_43.dll
2014-11-21 20:26 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\SysWow64\d3dcsx_43.dll
2014-11-21 20:26 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-11-21 20:26 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2014-11-21 20:25 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-11-21 20:24 . 2014-11-21 20:24 -------- d-----w- c:\program files (x86)\Autodesk
2014-11-21 18:52 . 2014-11-21 18:52 -------- d-----w- c:\program files (x86)\7-Zip
2014-11-21 18:49 . 2014-11-21 18:49 -------- d-----w- c:\users\Marcel\IGC
2014-11-21 18:49 . 2014-11-21 18:49 -------- d-----w- c:\users\Marcel\AppData\Roaming\IGC
2014-11-21 18:49 . 2014-11-21 18:49 -------- d-----w- c:\program files (x86)\IGC
2014-11-20 22:14 . 2014-11-20 22:14 144 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-11-19 22:02 . 2014-11-19 22:02 -------- d-----w- c:\program files (x86)\Good Timing
2014-11-19 21:54 . 2014-11-19 21:54 -------- d-sh--w- c:\users\Marcel\AppData\Local\EmieBrowserModeList
2014-11-19 21:49 . 2014-11-19 21:49 -------- d-sh--w- c:\users\Marcel\IntelGraphicsProfiles
2014-11-19 21:49 . 2014-11-19 21:49 451 ----a-w- c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-11-19 21:43 . 2014-11-19 21:43 176880 ----a-w- c:\windows\system32\drivers\jmcr.sys
2014-11-19 21:42 . 2014-11-19 21:42 795632 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2014-11-19 21:42 . 2014-11-19 21:42 358896 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2014-11-19 21:42 . 2014-11-19 21:42 20464 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2014-11-19 21:39 . 2014-05-02 11:02 495376 ----a-w- c:\windows\system32\drivers\e1c62x64.sys
2014-11-19 21:39 . 2013-07-25 02:08 73480 ----a-w- c:\windows\system32\e1cmsg.dll
2014-11-19 21:39 . 2013-07-11 02:27 89888 ----a-w- c:\windows\system32\NicInstC.dll
2014-11-19 21:21 . 2014-11-19 21:21 -------- d-----w- c:\program files (x86)\Cisco
2014-11-19 21:13 . 2012-09-04 06:55 8192 ----a-w- c:\windows\system32\KBDTUQ.DLL
2014-11-19 21:13 . 2012-09-04 06:55 8192 ----a-w- c:\windows\system32\KBDTUF.DLL
2014-11-19 21:13 . 2012-09-04 06:27 7680 ----a-w- c:\windows\SysWow64\KBDTUQ.DLL
2014-11-19 21:13 . 2012-09-04 06:27 7680 ----a-w- c:\windows\SysWow64\KBDTUF.DLL
2014-11-19 16:16 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 16:16 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 16:16 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-19 16:16 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-15 10:01 . 2014-11-15 10:01 -------- d-----w- c:\users\Marcel\AppData\Roaming\CyberLink
2014-11-15 10:01 . 2014-11-15 10:01 -------- d-----w- c:\users\Public\CyberLink
2014-11-15 10:01 . 2014-11-15 10:01 -------- d-----w- c:\users\Marcel\AppData\Local\CyberLink
2014-11-13 16:15 . 2014-11-05 17:56 304640 ----a-w- c:\windows\system32\generaltel.dll
2014-11-13 16:15 . 2014-11-05 17:56 228864 ----a-w- c:\windows\system32\aepdu.dll
2014-11-13 16:15 . 2014-11-05 17:52 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-11-13 16:15 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-11-13 16:15 . 2014-10-14 02:16 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-11-13 16:15 . 2014-10-14 02:07 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-11-13 16:15 . 2014-10-14 01:46 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-11-13 16:15 . 2014-10-14 02:12 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-11-13 16:15 . 2014-10-14 02:09 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-11-13 16:15 . 2014-10-14 01:47 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-11-13 16:14 . 2014-10-14 01:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-11-13 16:14 . 2014-10-14 01:49 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-11-13 06:03 . 2014-09-19 09:23 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-11-13 06:03 . 2014-09-19 09:23 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-11-13 06:03 . 2014-09-19 09:42 22016 ----a-w- c:\windows\system32\credssp.dll
2014-11-13 06:03 . 2014-09-19 09:23 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-11-13 06:03 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-13 06:03 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-13 06:03 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-13 06:03 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-13 06:03 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-11-13 06:02 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-13 06:02 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-04 18:37 . 2014-11-04 18:37 -------- d-----w- C:\GOG Games
2014-11-02 12:14 . 2014-11-02 12:14 -------- d-----w- c:\users\Marcel\AppData\Local\Diagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-19 21:42 . 2013-04-07 06:05 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll
2014-11-19 21:35 . 2012-09-02 17:10 64000 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-19 21:35 . 2012-09-02 17:10 60416 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-19 21:35 . 2012-09-02 21:21 444376 ----a-w- c:\windows\system32\igfxTray.exe
2014-11-13 05:55 . 2014-05-16 06:50 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-11-04 13:30 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-13 19:16 . 2014-10-13 19:16 249856 ------w- c:\windows\Setup1.exe
2014-10-13 19:16 . 2014-10-13 19:16 73216 ----a-w- c:\windows\ST6UNST.EXE
2014-10-12 11:34 . 2014-10-12 11:35 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2014-10-12 11:34 . 2014-10-12 11:35 549104 ----a-w- c:\windows\system32\drivers\SynTP.sys
2014-10-12 11:34 . 2014-10-12 11:35 422640 ----a-w- c:\windows\system32\SynTPCo19.dll
2014-10-12 11:34 . 2014-10-12 11:35 252144 ----a-w- c:\windows\system32\SynTPAPI.dll
2014-10-12 11:34 . 2014-10-12 11:35 169712 ----a-w- c:\windows\SysWow64\SynTPCom.dll
2014-10-12 11:34 . 2014-10-12 11:35 723184 ----a-w- c:\windows\system32\SynCOM.dll
2014-10-12 11:34 . 2014-10-12 11:35 400624 ----a-w- c:\windows\SysWow64\SynCom.dll
2014-10-12 11:34 . 2014-10-12 11:35 34544 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2014-10-12 11:34 . 2014-10-12 11:35 161880 ----a-w- c:\windows\system32\pca-manta.bin
2014-10-12 11:34 . 2014-10-12 11:35 92 ----a-w- c:\windows\system32\calibration.bin
2014-09-25 02:08 . 2014-09-30 19:04 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-09-30 19:04 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-19 09:23 . 2014-11-13 06:34 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-09-09 22:11 . 2014-09-24 20:18 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-24 20:18 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-04 05:23 . 2014-10-15 16:21 424448 ----a-w- c:\windows\system32\rastls.dll
2014-09-04 05:04 . 2014-10-15 16:21 372736 ----a-w- c:\windows\SysWow64\rastls.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Capture Screenshot lite"="c:\program files (x86)\CaptureScreenshotLite\CaptureScreenShot.exe" [2014-07-17 3469312]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-06-22 56128]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-07-19 133440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-11-19 292088]
"YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2012-08-31 136488]
"YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2012-08-31 167024]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2012-08-07 12313720]
"IFXSPMGT"="c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" [2012-04-23 1128312]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2014-04-09 185144]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2014-05-16 336672]
.
c:\users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Marcel\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-11-13 35419192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2012-09-04 22:44 75680 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 irstrtdv;Intel(R) Rapid Start Technology Driver;c:\windows\system32\DRIVERS\irstrtdv.sys;c:\windows\SYSNATIVE\DRIVERS\irstrtdv.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 rtsuvc;HP HD Webcam [Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
R3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys;c:\windows\SYSNATIVE\drivers\psd.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 irstrtsv;Intel(R) Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe;c:\windows\SysWOW64\irstrtsv.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink Webcam Sharing Manager;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-11 19:32 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.122\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-11-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-18 01:35]
.
2014-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-12 18:55]
.
2014-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-12 18:55]
.
2014-11-30 c:\windows\Tasks\HPCeeScheduleForMarcel.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Marcel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-03-15 178960]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-03-27 11407120]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-08-19 1664000]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2918656]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2012-03-09 462712]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-10-21 21720]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\irstrt\RapidStartConfig.exe
c:\program files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
c:\users\Marcel\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2014-11-30 15:34:28 - machine was rebooted
ComboFix-quarantined-files.txt 2014-11-30 14:34
ComboFix2.txt 2014-11-24 21:57
ComboFix3.txt 2014-10-21 18:59
ComboFix4.txt 2014-10-08 18:16
.
Pre-Run: 210 595 610 624 bytes free
Post-Run: 209 902 022 656 bytes free
.
- - End Of File - - 3AE40B7A280EADC90FAB86AF91A560A0

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: internet explorer - crashing

#10 Post by Márty84 »

Well, the main thing is that it is a terribly old version. I think ESS 8 is already out, and you have 4.2.

If you want a free antivirus, Avast is a good choice. I have been using it myself for many years.


:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it, then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Clean.
The program will start working (the PC may restart) and will spit out a log (or it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.


:arrow: Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything beforehand; it sometimes has false detections.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you are waiting a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

marsell2607
Visitor
Posts: 27
Registered: 21 Jan 2014 01:35

Re: internet explorer - crashing

#11 Post by marsell2607 »

So I will remove ESET and install Avast.

AdwCLEANER:

# AdwCleaner v4.102 - Report created 30/11/2014 at 19:48:12
# Updated 23/11/2014 by Xplode
# Database : 2014-11-27.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Marcel - MARCEL-HP
# Running from : C:\Users\Marcel\Desktop\adwcleaner_4.102.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\a4373db2d37fbeaa

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v38.0.2125.122


*************************

AdwCleaner[R0].txt - [10093 octets] - [21/06/2014 00:31:14]
AdwCleaner[R1].txt - [6121 octets] - [21/10/2014 20:14:52]
AdwCleaner[R2].txt - [6181 octets] - [21/10/2014 20:17:03]
AdwCleaner[R3].txt - [1267 octets] - [30/11/2014 19:41:08]
AdwCleaner[S0].txt - [7704 octets] - [21/06/2014 00:32:12]
AdwCleaner[S1].txt - [6323 octets] - [21/10/2014 20:18:40]
AdwCleaner[S2].txt - [1194 octets] - [30/11/2014 19:48:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1254 octets] ##########




MBAM:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 30. 11. 2014
Scan Time: 19:55:15
Logfile: log.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.30.06
Rootkit Database: v2014.11.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Marcel

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 557438
Time Elapsed: 1 hr, 18 min, 53 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.MultiPlug.A, C:\ProgramData\topbuyer, , [ba34c57c95e76acc65ea181d679c4ab6],

Files: 12
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir, , [5e9095ac651776c04059cf665ca438c8],
PUP.Optional.IePluginService.A, C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir, , [02ecc77afb81f34312c84e2348b92fd1],
PUP.Optional.WpManager, C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir, , [00ee1f225f1df4427a0cfe7ebc458977],
PUP.Optional.Skytech.A, C:\AdwCleaner\Quarantine\C\Users\Marcel\AppData\Roaming\qone8\UninstallManager.exe.vir, , [6b830d340c7022145558653cde23c937],
RiskWare.Tool.CK, C:\Users\Marcel\Desktop\MAKARSKY ZADANIE 2\cad\Crack\xf-invpro2013_x32.exe, , [f2fcb58ca1db2f0781721ab845bbf808],
RiskWare.Tool.CK, C:\Users\Marcel\Desktop\MAKARSKY ZADANIE 2\cad\Crack\xf-invpro2013_x64.exe, , [19d566db215b21155f94bc169967d62a],
RiskWare.Tool.CK, C:\Users\Marcel\Desktop\cad\Crack\xf-invpro2013_x32.exe, , [e608132eceae9c9a46ad16bc53ad6799],
RiskWare.Tool.CK, C:\Users\Marcel\Desktop\cad\Crack\xf-invpro2013_x64.exe, , [03eb61e095e70d29aa498b474cb4d42c],
RiskWare.Tool.CK, C:\Users\Marcel\Desktop\cad\X-Force Autodesk 2013 Products Keygen\Crack-Win\xf-adsk2013_x32.exe, , [bd317cc591eb191df6fdfdd522ded729],
RiskWare.Tool.CK, C:\Users\Marcel\Desktop\cad\X-Force Autodesk 2013 Products Keygen\Crack-Win\xf-adsk2013_x64.exe, , [56989ea33d3f1c1a05eed4fed030fd03],
PUP.Optional.MultiPlug.A, C:\ProgramData\topbuyer\sqCV.dat, , [ba34c57c95e76acc65ea181d679c4ab6],
PUP.Optional.MultiPlug.A, C:\ProgramData\topbuyer\sqCV.tlb, , [ba34c57c95e76acc65ea181d679c4ab6],

Physical Sectors: 0
(No malicious items detected)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: internet explorer - crashing

#12 Post by Márty84 »

Move the detections to quarantine. After restarting the PC, repeat the scan so that we know whether it comes back. Post the scan result and I will choose the next step based on it.

marsell2607
Visitor
Posts: 27
Registered: 21 Jan 2014 01:35

Re: internet explorer - crashing

#13 Post by marsell2607 »

Hello again. :)
So I moved everything to quarantine, and after the restart I ran the scan again and it no longer found any malicious files.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: internet explorer - crashing

#14 Post by Márty84 »

:arrow: You can uninstall MBAM.

:arrow: Post a log according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100

marsell2607
Visitor
Posts: 27
Registered: 21 Jan 2014 01:35

Re: internet explorer - crashing

#15 Post by marsell2607 »

I uninstalled MBAM.

I am attaching the log from FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-12-2014
Ran by Marcel (administrator) on MARCEL-HP on 03-12-2014 18:32:24
Running from C:\Users\Marcel\Desktop
Loaded Profile: Marcel (Available profiles: Marcel)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
( ) C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\CaptureScreenshotLite\CaptureScreenShot.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Dropbox, Inc.) C:\Users\Marcel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Marcel\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-19] (IDT, Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2014-10-12] (Synaptics Incorporated)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-06-22] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2014-11-19] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2012-08-31] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167024 2012-08-31] (CyberLink Corp.)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12313720 2012-08-07] (Hewlett-Packard)
HKLM-x32\...\Run: [IFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1128312 2012-04-23] (Infineon Technologies AG)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2014-04-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-02] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-420091433-3007874471-987154306-1001\...\Run: [Capture Screenshot lite] => C:\Program Files (x86)\CaptureScreenshotLite\CaptureScreenShot.exe [3469312 2014-07-17] ()
HKU\S-1-5-21-420091433-3007874471-987154306-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-420091433-3007874471-987154306-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-420091433-3007874471-987154306-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-420091433-3007874471-987154306-1001\...\Policies\Explorer: []
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Marcel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll (Autodesk, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-420091433-3007874471-987154306-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-420091433-3007874471-987154306-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=U220DHP&pc=U220
HKU\S-1-5-21-420091433-3007874471-987154306-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-420091433-3007874471-987154306-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-420091433-3007874471-987154306-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: CPub Object -> {696D8C1E-7039-40c8-9C66-07D9D2A2D00D} -> C:\Program Files (x86)\AdCleaner\AdCleaner.dll (eEriEsoft, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll (Digital Persona, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-04-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-02]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: Default -> https://sharepoint.freudenberg-filter.c ... Items.aspx
CHR StartupUrls: Default -> "hxxp://www.google.sk/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-13]
CHR Extension: (Disk Google) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-13]
CHR Extension: (YouTube) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-13]
CHR Extension: (Adblock Plus) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-15]
CHR Extension: (Hľadať v Google) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-13]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-05-15]
CHR Extension: (Avast Online Security) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-02]
CHR Extension: (Project Viewer 365-Free) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmpghmkgkalhonankenfklpmdgnilapp [2014-11-24]
CHR Extension: (SharePoint JSON Viewer) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjocknanjkfbihefbkknomccckekpfj [2014-11-24]
CHR Extension: (SharePoint Fix) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbkoobmboaainhbkbdojincpeoldlfc [2014-11-24]
CHR Extension: (Peňaženka Google) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-13]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-05-15]
CHR Extension: (Gmail) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-02] (Avast Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [494456 2012-07-21] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477088 2012-09-04] (Hewlett-Packard Company)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1128312 2012-04-23] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [984440 2012-04-23] (Infineon Technologies AG)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-11-19] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-19] (Intel Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193536 2012-05-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2012-07-11] () [File not signed]
R2 mitsijm2013; C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [339776 2012-04-22] ( )
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-07-18] (PDF Complete Inc)
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [212344 2012-04-23] (Infineon Technologies AG)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-02] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-02] ()
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64832 2012-09-04] (Hewlett-Packard Company)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-13] (Disc Soft Ltd)
S3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-05-17] (Intel Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [90736 2012-07-12] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158832 2012-07-12] (McAfee, Inc.)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8222736 2012-06-15] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-10-12] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-12-01] (Duplex Secure Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-02] (Avast Software)
U3 arpq2ojh; C:\Windows\System32\Drivers\arpq2ojh.sys [0 ] (Advanced Micro Devices)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-03 18:32 - 2014-12-03 18:32 - 00025146 _____ () C:\Users\Marcel\Desktop\FRST.txt
2014-12-03 18:31 - 2014-12-03 18:32 - 00000000 ____D () C:\FRST
2014-12-03 18:31 - 2014-12-03 18:31 - 00112640 _____ (forum.viry.cz) C:\Users\Marcel\Desktop\FRSTLauncher.exe
2014-12-03 18:30 - 2014-12-03 18:30 - 02117120 _____ (Farbar) C:\Users\Marcel\Desktop\FRST64.exe
2014-12-03 08:31 - 2014-12-03 08:31 - 00000247 _____ () C:\windows\system32\2014-12-03-07-31-38.025-aswFe.exe-1596.log
2014-12-03 08:06 - 2014-12-03 08:31 - 00000247 _____ () C:\windows\system32\2014-12-03-07-06-14.055-aswFe.exe-7940.log
2014-12-03 08:06 - 2014-12-03 08:06 - 00000197 _____ () C:\windows\system32\2014-12-03-07-06-07.045-AvastVBoxSVC.exe-8116.log
2014-12-03 07:33 - 2014-12-03 07:33 - 00002479 _____ () C:\Users\Marcel\Desktop\g.txt
2014-12-03 01:37 - 2014-12-03 01:38 - 20128611 _____ () C:\Users\Marcel\Downloads\20141129_6.part4.rar
2014-12-03 01:07 - 2014-12-03 01:37 - 2096004096 _____ () C:\Users\Marcel\Downloads\20141129_6.part3.rar
2014-12-03 00:37 - 2014-12-03 01:07 - 2096004096 _____ () C:\Users\Marcel\Downloads\20141129_6.part2.rar
2014-12-03 00:05 - 2014-12-03 00:37 - 2096004096 _____ () C:\Users\Marcel\Downloads\20141129_6.part1.rar
2014-12-02 23:55 - 2014-12-02 23:55 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Symantec
2014-12-02 23:42 - 2014-12-02 23:47 - 00000000 ____D () C:\záloha
2014-12-02 23:41 - 2014-12-02 23:41 - 00000197 _____ () C:\windows\system32\2014-12-02-22-41-09.074-AvastVBoxSVC.exe-4888.log
2014-12-02 22:54 - 2014-12-02 22:54 - 00000197 _____ () C:\windows\system32\2014-12-02-21-54-16.085-AvastVBoxSVC.exe-4064.log
2014-12-02 22:48 - 2014-12-02 22:48 - 00000197 _____ () C:\windows\system32\2014-12-02-21-48-03.047-AvastVBoxSVC.exe-1956.log
2014-12-02 22:15 - 2014-12-02 22:15 - 00000197 _____ () C:\windows\system32\2014-12-02-21-15-25.051-AvastVBoxSVC.exe-3940.log
2014-12-02 21:44 - 2014-12-02 21:44 - 00000197 _____ () C:\windows\system32\2014-12-02-20-44-15.093-AvastVBoxSVC.exe-4344.log
2014-12-02 21:14 - 2014-12-02 21:14 - 00000197 _____ () C:\windows\system32\2014-12-02-20-14-22.052-AvastVBoxSVC.exe-4640.log
2014-12-02 20:42 - 2014-12-02 20:42 - 00000197 _____ () C:\windows\system32\2014-12-02-19-42-02.097-AvastVBoxSVC.exe-4416.log
2014-12-02 20:10 - 2014-12-02 20:10 - 00000197 _____ () C:\windows\system32\2014-12-02-19-10-21.060-AvastVBoxSVC.exe-4800.log
2014-12-02 19:52 - 2014-12-02 20:19 - 00000000 ____D () C:\Users\Marcel\Documents\vs2
2014-12-02 19:39 - 2014-12-02 19:39 - 00000197 _____ () C:\windows\system32\2014-12-02-18-39-37.055-AvastVBoxSVC.exe-4420.log
2014-12-02 19:08 - 2014-12-02 19:08 - 00000197 _____ () C:\windows\system32\2014-12-02-18-08-05.073-AvastVBoxSVC.exe-4652.log
2014-12-02 18:47 - 2014-12-02 18:48 - 00000247 _____ () C:\windows\system32\2014-12-02-17-47-41.083-aswFe.exe-9052.log
2014-12-02 18:42 - 2014-12-02 18:47 - 00000247 _____ () C:\windows\system32\2014-12-02-17-42-26.064-aswFe.exe-812.log
2014-12-02 18:42 - 2014-12-02 18:42 - 00000197 _____ () C:\windows\system32\2014-12-02-17-42-20.033-AvastVBoxSVC.exe-4808.log
2014-12-02 18:07 - 2014-12-02 18:10 - 00000000 ____D () C:\windows\SysWOW64\vbox
2014-12-02 18:07 - 2014-12-02 18:10 - 00000000 ____D () C:\windows\system32\vbox
2014-12-02 17:52 - 2014-12-02 17:52 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\AVAST Software
2014-12-02 17:52 - 2014-12-02 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-02 17:51 - 2014-12-02 17:52 - 01050432 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-12-02 17:51 - 2014-12-02 17:51 - 00436624 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2014-12-02 17:51 - 2014-12-02 17:51 - 00364512 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-12-02 17:51 - 2014-12-02 17:51 - 00267632 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-12-02 17:51 - 2014-12-02 17:51 - 00116728 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-12-02 17:51 - 2014-12-02 17:51 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-12-02 17:51 - 2014-12-02 17:51 - 00083280 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-12-02 17:51 - 2014-12-02 17:51 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-12-02 17:51 - 2014-12-02 17:51 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-12-02 17:51 - 2014-12-02 17:51 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-12-02 17:51 - 2014-12-02 17:51 - 00003924 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-12-02 17:50 - 2014-12-02 17:50 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-02 17:49 - 2014-12-02 17:50 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-02 17:47 - 2014-12-02 17:47 - 00003636 _____ () C:\windows\System32\Tasks\Imperia Online W4
2014-12-02 17:47 - 2014-12-02 17:47 - 00003636 _____ () C:\windows\System32\Tasks\Imperia Online W3
2014-12-02 17:47 - 2014-12-02 17:47 - 00003636 _____ () C:\windows\System32\Tasks\Imperia Online W2
2014-12-02 17:47 - 2014-12-02 17:47 - 00003636 _____ () C:\windows\System32\Tasks\Imperia Online W1
2014-12-02 17:47 - 2014-12-02 17:47 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2014-12-02 17:47 - 2014-12-02 17:47 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\ImperiaOnline
2014-12-02 17:47 - 2014-12-02 17:47 - 00000000 ____D () C:\Users\Marcel\AppData\Local\IsolatedStorage
2014-12-01 18:02 - 2014-12-01 18:02 - 00000124 _____ () C:\Users\Marcel\Documents\ax_files.xml
2014-12-01 17:56 - 2014-12-01 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
2014-12-01 17:55 - 2014-12-01 17:55 - 00000000 ____D () C:\Program Files (x86)\Alcohol Soft
2014-12-01 17:54 - 2014-12-01 17:54 - 00386680 _____ (Duplex Secure Ltd.) C:\windows\system32\Drivers\sptd.sys
2014-11-30 19:53 - 2014-11-30 19:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-30 15:34 - 2014-11-30 15:34 - 00029431 _____ () C:\ComboFix.txt
2014-11-30 15:20 - 2014-11-30 15:34 - 00000000 ____D () C:\ComboFix
2014-11-26 23:37 - 2014-11-26 23:37 - 00000000 ____D () C:\rsit
2014-11-26 23:37 - 2014-11-26 23:37 - 00000000 ____D () C:\Program Files\trend micro
2014-11-24 23:35 - 2014-11-24 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-24 23:34 - 2014-11-24 23:34 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-24 23:34 - 2014-11-24 23:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-24 23:30 - 2014-12-03 07:45 - 00006584 _____ () C:\windows\PFRO.log
2014-11-24 23:29 - 2014-11-24 23:34 - 00015629 _____ () C:\windows\IE11_main.log
2014-11-24 22:26 - 2014-11-24 22:26 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-11-24 00:36 - 2014-12-03 07:46 - 00000000 ____D () C:\Users\Marcel\AppData\Local\HTC MediaHub
2014-11-24 00:36 - 2014-11-24 00:36 - 00000000 ____D () C:\Users\Marcel\Documents\HTC
2014-11-24 00:36 - 2014-11-24 00:36 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\HTC
2014-11-24 00:36 - 2014-11-24 00:36 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Apple Computer
2014-11-24 00:36 - 2014-11-24 00:36 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Apple Computer
2014-11-24 00:36 - 2014-11-24 00:36 - 00000000 ____D () C:\Users\Marcel\.android
2014-11-24 00:36 - 2014-11-24 00:36 - 00000000 ____D () C:\ProgramData\HTC
2014-11-24 00:35 - 2014-11-24 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-11-24 00:34 - 2014-11-24 00:35 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-11-24 00:34 - 2014-11-24 00:34 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
2014-11-21 21:47 - 2014-11-21 21:47 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Granta Design
2014-11-21 21:47 - 2014-11-21 21:47 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Autodesk,_Inc
2014-11-21 21:37 - 2014-11-21 21:47 - 00000000 ____D () C:\Users\Marcel\Documents\Inventor
2014-11-21 21:36 - 2014-11-21 21:36 - 00000000 ____D () C:\Users\Marcel\Documents\Autodesk
2014-11-21 21:32 - 2014-11-21 21:43 - 00000000 ____D () C:\Users\Public\Documents\Autodesk
2014-11-21 21:32 - 2014-11-21 21:32 - 00000000 ____D () C:\Temp
2014-11-21 21:27 - 2014-11-21 21:43 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-11-21 21:27 - 2014-11-21 21:27 - 00000000 ____D () C:\Program Files (x86)\DWG TrueView 2013
2014-11-21 21:26 - 2014-11-21 21:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2014-11-21 21:26 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_43.dll
2014-11-21 21:26 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_43.dll
2014-11-21 21:26 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_43.dll
2014-11-21 21:26 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_43.dll
2014-11-21 21:26 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_43.dll
2014-11-21 21:26 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_43.dll
2014-11-21 21:26 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_43.dll
2014-11-21 21:25 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_43.dll
2014-11-21 21:24 - 2014-11-21 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-11-21 21:24 - 2014-11-21 21:24 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2014-11-21 19:52 - 2014-11-21 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-11-21 19:52 - 2014-11-21 19:52 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-11-21 19:49 - 2014-11-21 19:49 - 00000000 ____D () C:\Users\Marcel\IGC
2014-11-21 19:49 - 2014-11-21 19:49 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\IGC
2014-11-20 23:14 - 2014-11-20 23:14 - 00000144 _____ () C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-11-19 23:02 - 2014-11-19 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Good Timing
2014-11-19 22:54 - 2014-11-19 22:54 - 00000000 __SHD () C:\Users\Marcel\AppData\Local\EmieBrowserModeList
2014-11-19 22:49 - 2014-11-19 22:49 - 00000451 _____ () C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-11-19 22:43 - 2014-11-19 22:43 - 00176880 _____ (JMicron Technology Corporation) C:\windows\system32\Drivers\jmcr.sys
2014-11-19 22:42 - 2014-11-19 22:42 - 00795632 _____ (Intel Corporation) C:\windows\system32\Drivers\iusb3xhc.sys
2014-11-19 22:42 - 2014-11-19 22:42 - 00358896 _____ (Intel Corporation) C:\windows\system32\Drivers\iusb3hub.sys
2014-11-19 22:42 - 2014-11-19 22:42 - 00020464 _____ (Intel Corporation) C:\windows\system32\Drivers\iusb3hcs.sys
2014-11-19 22:39 - 2014-05-02 12:02 - 00495376 _____ (Intel Corporation) C:\windows\system32\Drivers\e1c62x64.sys
2014-11-19 22:39 - 2013-07-25 03:08 - 00073480 _____ (Intel Corporation) C:\windows\system32\e1cmsg.dll
2014-11-19 22:39 - 2013-07-11 03:27 - 00089888 _____ (Intel Corporation) C:\windows\system32\NicInstC.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 16586584 _____ (Intel Corporation) C:\windows\system32\igdumdim64.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 16114320 _____ (Intel Corporation) C:\windows\SysWOW64\igdumdim32.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 04590152 _____ (Intel Corporation) C:\windows\system32\igdusc64.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 03658520 _____ (Intel Corporation) C:\windows\SysWOW64\igdusc32.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 02813952 _____ () C:\windows\system32\iglhxa64.cpa
2014-11-19 22:35 - 2014-11-19 22:35 - 02023936 _____ (Intel Corporation) C:\windows\system32\igfxcmjit64.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 01755648 _____ (Intel Corporation) C:\windows\SysWOW64\igfxcmjit32.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 01137080 _____ (Intel Corporation) C:\windows\system32\iglhsip64.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 01132960 _____ (Intel Corporation) C:\windows\SysWOW64\iglhsip32.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00734208 _____ (Intel Corporation) C:\windows\system32\MetroIntelGenericUIFramework.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00655360 _____ (Intel Corporation) C:\windows\system32\igfxDH.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00501720 _____ (Intel Corporation) C:\windows\system32\igfxEM.exe
2014-11-19 22:35 - 2014-11-19 22:35 - 00373248 _____ (Intel Corporation) C:\windows\system32\igfxOSP.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00358912 _____ (Intel Corporation) C:\windows\system32\IntelOpenCL64.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00315352 _____ (Intel Corporation) C:\windows\system32\igfxCUIService.exe
2014-11-19 22:35 - 2014-11-19 22:35 - 00294912 _____ (Intel Corporation) C:\windows\SysWOW64\IntelOpenCL32.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00279000 _____ (Intel Corporation) C:\windows\SysWOW64\IntelCpHeciSvc.exe
2014-11-19 22:35 - 2014-11-19 22:35 - 00267264 _____ (Intel Corporation) C:\windows\system32\igfxDI.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00254976 _____ () C:\windows\system32\igfxCPL.cpl
2014-11-19 22:35 - 2014-11-19 22:35 - 00249856 _____ (Intel Corporation) C:\windows\system32\igfxLHM.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00244184 _____ (Intel Corporation) C:\windows\system32\igfxHK.exe
2014-11-19 22:35 - 2014-11-19 22:35 - 00218808 _____ (Intel Corporation) C:\windows\system32\iglhcp64.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00212992 _____ (Intel Corporation) C:\windows\system32\igfxDTCM.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00191448 _____ (Intel Corporation) C:\windows\system32\igfxext.exe
2014-11-19 22:35 - 2014-11-19 22:35 - 00187408 _____ (Intel Corporation) C:\windows\system32\igfxcmrt64.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00187348 _____ () C:\windows\system32\resTHA.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00183800 _____ (Intel Corporation) C:\windows\SysWOW64\iglhcp32.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00182784 _____ (Intel Corporation) C:\windows\system32\igfxCoIn_v3621.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00182784 _____ (Intel Corporation) C:\windows\system32\igfx11cmrt64.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00180164 _____ () C:\windows\system32\resELL.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00176020 _____ () C:\windows\system32\resRUS.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00161876 _____ () C:\windows\system32\resARA.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00161332 _____ () C:\windows\system32\resHEB.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00161268 _____ () C:\windows\system32\resJPN.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00158032 _____ (Intel Corporation) C:\windows\SysWOW64\igfxcmrt32.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00156692 _____ () C:\windows\system32\resFRA.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00156676 _____ () C:\windows\system32\resHUN.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00155136 _____ (Intel Corporation) C:\windows\SysWOW64\igfx11cmrt32.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00154980 _____ () C:\windows\system32\resKOR.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00154884 _____ () C:\windows\system32\resITA.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00154884 _____ () C:\windows\system32\resDEU.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00154724 _____ () C:\windows\system32\resROM.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00154612 _____ () C:\windows\system32\resESN.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00154180 _____ () C:\windows\system32\resPLK.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00154036 _____ () C:\windows\system32\resSKY.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00153844 _____ () C:\windows\system32\resNLD.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00153284 _____ () C:\windows\system32\resPTB.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00153140 _____ () C:\windows\system32\resTRK.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00153108 _____ () C:\windows\system32\resCSY.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00152980 _____ () C:\windows\system32\resPTG.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00152564 _____ () C:\windows\system32\resFIN.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00152132 _____ () C:\windows\system32\resHRV.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00151684 _____ () C:\windows\system32\resSVE.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00151508 _____ () C:\windows\system32\resSLV.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00150580 _____ () C:\windows\system32\resNOR.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00150068 _____ () C:\windows\system32\resDAN.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00148756 _____ () C:\windows\system32\resENU.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00146980 _____ () C:\windows\system32\resCHT.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00146148 _____ () C:\windows\system32\resCHS.cui
2014-11-19 22:35 - 2014-11-19 22:35 - 00070144 _____ () C:\windows\system32\igfxCUIServicePS.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00069632 _____ ( ) C:\windows\system32\igfxDHLibv2_0.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00064000 _____ (Khronos Group) C:\windows\system32\Intel_OpenCL_ICD64.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00060416 _____ (Khronos Group) C:\windows\SysWOW64\Intel_OpenCL_ICD32.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00057856 _____ ( ) C:\windows\system32\igfxDHLib.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00044025 _____ () C:\windows\system32\iglhxo64.vp
2014-11-19 22:35 - 2014-11-19 22:35 - 00043816 _____ () C:\windows\system32\iglhxc64_dev.vp
2014-11-19 22:35 - 2014-11-19 22:35 - 00043494 _____ () C:\windows\system32\iglhxc64.vp
2014-11-19 22:35 - 2014-11-19 22:35 - 00043298 _____ () C:\windows\system32\iglhxg64_dev.vp
2014-11-19 22:35 - 2014-11-19 22:35 - 00043256 _____ () C:\windows\system32\iglhxg64.vp
2014-11-19 22:35 - 2014-11-19 22:35 - 00042079 _____ () C:\windows\system32\iglhxo64_dev.vp
2014-11-19 22:35 - 2014-11-19 22:35 - 00031408 _____ (Intel Corporation) C:\windows\system32\igfxexps.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00030720 _____ (Intel Corporation) C:\windows\SysWOW64\igfxexps32.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00010752 _____ ( ) C:\windows\system32\igfxDILib.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00010240 _____ ( ) C:\windows\system32\igfxEMLibv2_0.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00010240 _____ ( ) C:\windows\system32\igfxEMLib.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00010240 _____ ( ) C:\windows\system32\igfxDILibv2_0.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00005120 _____ ( ) C:\windows\system32\igfxLHMLibv2_0.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00005120 _____ ( ) C:\windows\system32\igfxLHMLib.dll
2014-11-19 22:35 - 2014-11-19 22:35 - 00002568 _____ () C:\windows\system32\iglhxs64.vp
2014-11-19 22:35 - 2014-11-19 22:35 - 00001125 _____ () C:\windows\system32\iglhxa64.vp
2014-11-19 22:35 - 2014-11-19 22:35 - 00000000 ____D () C:\Intel
2014-11-19 22:35 - 2014-11-19 22:34 - 23048704 _____ (Intel Corporation) C:\windows\system32\igdfcl64.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 18032640 _____ (Intel Corporation) C:\windows\SysWOW64\igdfcl32.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 17791136 _____ (Intel Corporation) C:\windows\system32\igd10iumd64.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 17409536 _____ (Intel Corporation) C:\windows\SysWOW64\igd10iumd32.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 08120320 _____ (Intel Corporation) C:\windows\system32\ig7icd64.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 06364672 _____ (Intel Corporation) C:\windows\SysWOW64\ig7icd32.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 04342744 _____ (Intel Corporation) C:\windows\system32\Gfxv4_0.exe
2014-11-19 22:35 - 2014-11-19 22:34 - 04339160 _____ (Intel Corporation) C:\windows\system32\Gfxv2_0.exe
2014-11-19 22:35 - 2014-11-19 22:34 - 03791872 _____ (Intel Corporation) C:\windows\system32\Drivers\igdkmd64.sys
2014-11-19 22:35 - 2014-11-19 22:34 - 01673216 _____ (Intel Corporation) C:\windows\system32\igdrcl64.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 01551872 _____ (Intel Corporation) C:\windows\SysWOW64\igdrcl32.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 00930264 _____ (Intel Corporation) C:\windows\system32\GfxUIEx.exe
2014-11-19 22:35 - 2014-11-19 22:34 - 00544216 _____ (Intel Corporation) C:\windows\system32\DPTopologyApp.exe
2014-11-19 22:35 - 2014-11-19 22:34 - 00543704 _____ (Intel Corporation) C:\windows\system32\DPTopologyAppv2_0.exe
2014-11-19 22:35 - 2014-11-19 22:34 - 00450520 _____ (Intel(R) Corporation) C:\windows\system32\Drivers\IntcDAud.sys
2014-11-19 22:35 - 2014-11-19 22:34 - 00433560 _____ () C:\windows\system32\igdmd64.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 00393176 _____ (Intel Corporation) C:\windows\system32\CustomModeApp.exe
2014-11-19 22:35 - 2014-11-19 22:34 - 00392664 _____ (Intel Corporation) C:\windows\system32\CustomModeAppv2_0.exe
2014-11-19 22:35 - 2014-11-19 22:34 - 00348088 _____ () C:\windows\SysWOW64\igdmd32.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 00330240 _____ (Intel Corporation) C:\windows\system32\igdbcl64.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 00291328 _____ (Intel Corporation) C:\windows\SysWOW64\igdbcl32.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 00223744 _____ () C:\windows\system32\igdde64.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 00183808 _____ () C:\windows\SysWOW64\igdde32.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 00160256 _____ () C:\windows\system32\igdail64.dll
2014-11-19 22:35 - 2014-11-19 22:34 - 00153048 _____ (Intel Corporation) C:\windows\system32\difx64.exe
2014-11-19 22:35 - 2014-11-19 22:34 - 00142848 _____ () C:\windows\SysWOW64\igdail32.dll
2014-11-19 22:23 - 2014-12-03 07:45 - 00007124 _____ () C:\windows\setupact.log
2014-11-19 22:23 - 2014-11-19 22:23 - 00000000 _____ () C:\windows\setuperr.log
2014-11-19 22:21 - 2014-11-24 00:35 - 00025846 _____ () C:\windows\DPINST.LOG
2014-11-19 22:21 - 2014-11-19 22:21 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-11-19 22:13 - 2012-09-04 07:55 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDTUQ.DLL
2014-11-19 22:13 - 2012-09-04 07:55 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDTUF.DLL
2014-11-19 22:13 - 2012-09-04 07:27 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTUQ.DLL
2014-11-19 22:13 - 2012-09-04 07:27 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTUF.DLL
2014-11-19 17:16 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-19 17:16 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-19 17:16 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-19 17:16 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-11-15 11:01 - 2014-11-24 23:44 - 00000000 ____D () C:\Users\Marcel\Documents\Youcam
2014-11-15 11:01 - 2014-11-15 11:01 - 00000000 ____D () C:\Users\Public\CyberLink
2014-11-15 11:01 - 2014-11-15 11:01 - 00000000 ____D () C:\Users\Marcel\Documents\Avatar
2014-11-15 11:01 - 2014-11-15 11:01 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\CyberLink
2014-11-15 11:01 - 2014-11-15 11:01 - 00000000 ____D () C:\Users\Marcel\AppData\Local\CyberLink
2014-11-13 17:16 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-13 17:16 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-11-13 17:16 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-13 17:16 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-13 17:16 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-13 17:16 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-13 17:16 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-13 17:16 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-13 17:16 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-13 17:16 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-13 17:16 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-13 17:16 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-13 17:16 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-13 17:16 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-13 17:16 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-13 17:16 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-13 17:16 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-11-13 17:16 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-13 17:16 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-13 17:16 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-13 17:16 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-11-13 17:16 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-11-13 17:16 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-11-13 17:16 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-11-13 17:16 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-11-13 17:16 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 17:16 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-11-13 17:16 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-11-13 17:16 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-11-13 17:16 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-13 17:16 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-11-13 17:16 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-13 17:16 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-11-13 17:16 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-11-13 17:16 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-13 17:16 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-11-13 17:16 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 17:16 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-13 17:16 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-13 17:16 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-13 17:16 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-13 17:16 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-11-13 17:16 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-11-13 17:16 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-11-13 17:16 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-13 17:16 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-11-13 17:16 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-11-13 17:16 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-11-13 17:16 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-11-13 17:16 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-13 17:16 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-13 17:16 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-11-13 17:16 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-13 17:16 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-11-13 17:16 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-11-13 17:16 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-11-13 17:15 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-11-13 17:15 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-11-13 17:15 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-11-13 17:15 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-13 17:15 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-13 17:15 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-13 17:15 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-13 17:15 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-13 17:15 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-11-13 17:15 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-11-13 17:14 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-11-13 17:14 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-11-13 07:34 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-13 07:34 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-13 07:34 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-13 07:34 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-13 07:34 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-13 07:34 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-11-13 07:34 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-11-13 07:34 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-11-13 07:34 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-13 07:34 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-13 07:34 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-13 07:34 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-13 07:34 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-13 07:34 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-11-13 07:34 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-11-13 07:34 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-11-13 07:34 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-13 07:34 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-13 07:34 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-11-13 07:34 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-11-13 07:34 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-13 07:34 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2014-11-13 07:03 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-13 07:03 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-11-13 07:03 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-13 07:03 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-11-13 07:03 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-13 07:03 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-13 07:03 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-11-13 07:03 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-11-13 07:03 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-11-13 07:02 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-13 07:02 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-11-10 10:10 - 2014-11-10 14:06 - 00000000 ____D () C:\Users\Marcel\Documents\Súbory programu Outlook
2014-11-04 19:39 - 2014-11-04 19:39 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-11-04 19:37 - 2014-11-04 19:37 - 00000000 ____D () C:\GOG Games

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-03 18:26 - 2012-10-18 02:35 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-12-03 18:26 - 2012-10-18 02:35 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-12-03 17:40 - 2013-04-07 07:01 - 01140188 _____ () C:\windows\WindowsUpdate.log
2014-12-03 17:36 - 2014-05-13 22:41 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-03 07:53 - 2009-07-14 05:45 - 00031536 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-03 07:53 - 2009-07-14 05:45 - 00031536 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-03 07:52 - 2009-07-14 06:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-03 07:47 - 2014-10-07 21:50 - 00000000 ____D () C:\Users\Marcel\Desktop\diplmova práca
2014-12-03 07:47 - 2014-05-18 17:43 - 00000000 ___RD () C:\Users\Marcel\Dropbox
2014-12-03 07:46 - 2014-05-15 20:06 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Dropbox
2014-12-03 07:46 - 2013-04-07 07:17 - 00003228 _____ () C:\windows\System32\Tasks\Intel® Rapid Start Technology Manager
2014-12-03 07:46 - 2012-10-18 02:21 - 00000000 ____D () C:\ProgramData\PDFC
2014-12-03 07:45 - 2014-05-13 22:41 - 00000932 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-03 07:45 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-03 07:45 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\Registration
2014-12-03 07:44 - 2014-05-19 21:01 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\vlc
2014-12-03 07:14 - 2014-05-13 23:13 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Skype
2014-12-03 01:38 - 2014-05-17 12:27 - 00000000 ____D () C:\Program Files (x86)\FastShare
2014-12-03 00:06 - 2013-04-07 07:09 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-12-03 00:06 - 2012-10-18 02:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-03 00:00 - 2013-04-07 07:11 - 00000000 ____D () C:\ProgramData\CyberLink
2014-12-02 23:54 - 2014-10-13 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JCEM
2014-12-02 23:52 - 2012-10-18 02:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-12-02 17:49 - 2014-10-21 20:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-30 19:48 - 2014-06-21 00:31 - 00000000 ____D () C:\AdwCleaner
2014-11-30 17:33 - 2014-07-31 21:00 - 00000000 ____D () C:\Program Files (x86)\Age of Empires II HD The Forgotten
2014-11-30 15:34 - 2014-10-08 19:07 - 00000000 ____D () C:\Qoobox
2014-11-30 15:29 - 2009-07-14 03:34 - 00000215 _____ () C:\windows\system.ini
2014-11-30 15:28 - 2014-10-19 10:08 - 00000336 _____ () C:\windows\Tasks\HPCeeScheduleForMarcel.job
2014-11-30 15:27 - 2014-10-08 19:06 - 00000000 ____D () C:\windows\erdnt
2014-11-30 15:27 - 2009-07-14 03:34 - 99090432 _____ () C:\windows\system32\config\SOFTWARE.bak
2014-11-30 15:27 - 2009-07-14 03:34 - 20447232 _____ () C:\windows\system32\config\SYSTEM.bak
2014-11-30 15:27 - 2009-07-14 03:34 - 00786432 _____ () C:\windows\system32\config\DEFAULT.bak
2014-11-30 15:27 - 2009-07-14 03:34 - 00262144 _____ () C:\windows\system32\config\SECURITY.bak
2014-11-30 15:27 - 2009-07-14 03:34 - 00262144 _____ () C:\windows\system32\config\SAM.bak
2014-11-30 14:23 - 2014-10-19 10:08 - 00003192 _____ () C:\windows\System32\Tasks\HPCeeScheduleForMarcel
2014-11-30 14:23 - 2014-10-12 10:36 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-11-30 14:22 - 2014-10-12 10:36 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-24 22:23 - 2009-07-14 05:45 - 00537368 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-24 00:36 - 2014-05-13 19:34 - 00167032 _____ () C:\Users\Marcel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-24 00:36 - 2014-05-13 19:30 - 00000000 ____D () C:\Users\Marcel
2014-11-24 00:34 - 2014-10-12 10:47 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Downloaded Installations
2014-11-21 21:59 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Autodesk
2014-11-21 21:54 - 2013-04-07 07:08 - 00000000 ____D () C:\ProgramData\Temp
2014-11-21 21:47 - 2014-05-15 19:07 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Autodesk
2014-11-21 21:45 - 2014-05-15 19:08 - 00000000 ____D () C:\ProgramData\Autodesk
2014-11-21 21:43 - 2014-05-15 19:16 - 00000000 ____D () C:\Program Files\Autodesk
2014-11-21 21:25 - 2014-05-13 23:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-11-21 21:22 - 2014-05-13 23:18 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\DAEMON Tools Lite
2014-11-21 21:06 - 2013-04-07 07:19 - 00001912 _____ () C:\windows\epplauncher.mif
2014-11-21 19:11 - 2013-04-07 07:00 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-11-20 23:19 - 2014-05-13 23:28 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Microsoft Help
2014-11-19 22:49 - 2013-04-07 07:08 - 00015920 _____ () C:\windows\system32\results.xml
2014-11-19 22:43 - 2011-07-29 00:51 - 00000000 ____D () C:\swsetup
2014-11-19 22:42 - 2013-04-07 07:05 - 00041984 _____ (Intel Corporation) C:\windows\system32\Drivers\USB3Ver.dll
2014-11-19 22:38 - 2012-10-18 02:10 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-11-19 22:37 - 2013-04-07 07:02 - 00000000 ____D () C:\Program Files\Intel
2014-11-19 22:35 - 2012-09-02 22:21 - 00444376 _____ (Intel Corporation) C:\windows\system32\igfxTray.exe
2014-11-19 22:35 - 2012-09-02 18:10 - 00064000 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2014-11-19 22:35 - 2012-09-02 18:10 - 00060416 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2014-11-19 22:31 - 2013-04-07 07:12 - 00000000 ____D () C:\windows\Hewlett-Packard
2014-11-19 22:22 - 2013-04-07 07:02 - 00000000 ____D () C:\ProgramData\Intel
2014-11-19 22:21 - 2013-04-07 07:03 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-11-19 22:12 - 2014-05-13 19:32 - 00000000 __RSH () C:\windows\SysWOW64\Drivers\103C_HP_bNB_EliteBook Folio 9470m_Y5336AN_0U_QCNU3259FSP_E692752-FL1_4A_I18DF_SHP_V62.18_B68IBD F.48_T140113_W748-1_L41B_M8056_J500_7Intel_86A9_92.40_#121017_N80861502;8086088E_(H5E46EA#BCM)_XMOBILE_CN10_Z.MRK
2014-11-19 22:12 - 2014-05-13 19:32 - 00000000 __RSH () C:\windows\system32\Drivers\103C_HP_bNB_EliteBook Folio 9470m_Y5336AN_0U_QCNU3259FSP_E692752-FL1_4A_I18DF_SHP_V62.18_B68IBD F.48_T140113_W748-1_L41B_M8056_J500_7Intel_86A9_92.40_#121017_N80861502;8086088E_(H5E46EA#BCM)_XMOBILE_CN10_Z.MRK
2014-11-19 22:12 - 2012-10-18 01:53 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-11-16 17:54 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-11-15 08:43 - 2014-05-15 20:07 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-14 14:09 - 2014-05-16 09:31 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-14 10:38 - 2014-05-13 23:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 19:40 - 2014-05-13 22:40 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Adobe
2014-11-13 07:36 - 2014-05-16 07:50 - 00000000 ____D () C:\windows\system32\MRT
2014-11-13 06:55 - 2014-05-16 07:50 - 103374192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-11 20:31 - 2014-05-13 22:41 - 00003932 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-11 20:31 - 2014-05-13 22:41 - 00003680 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-08 12:38 - 2013-04-07 07:20 - 00000000 ____D () C:\ProgramData\Skype
2014-11-04 19:39 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-11-03 20:38 - 2009-07-14 06:08 - 00032606 _____ () C:\windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\Marcel\AppData\Local\Temp\AxSFADownloader.exe
C:\Users\Marcel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqutfrm.dll
C:\Users\Marcel\AppData\Local\Temp\Quarantine.exe
C:\Users\Marcel\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

Task: {213224F1-A1DA-4B4D-A769-1D257DECFA4D} - System32\Tasks\Imperia Online W4 => Chrome.exe \C:\Program Files (x86)\Google\Chrome\Application\chrome.exe\" --app=http://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768"
Task: {597218D1-B560-4601-9ED5-80CB92E4AD23} - System32\Tasks\Imperia Online W2 => Chrome.exe \C:\Program Files (x86)\Google\Chrome\Application\chrome.exe\" --app=http://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768"
Task: {67A44099-9024-4E64-9099-4AC159307D4F} - System32\Tasks\Imperia Online W3 => Chrome.exe \C:\Program Files (x86)\Google\Chrome\Application\chrome.exe\" --app=http://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768"
Task: {9C2431E1-96FB-4C27-AA5B-5EB6DC3EC8D5} - System32\Tasks\Imperia Online W1 => Chrome.exe \C:\Program Files (x86)\Google\Chrome\Application\chrome.exe\" --app=http://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768"

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForMarcel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:A1EDB939

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Marcel\Desktop" je 2747 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001


==================== End Of Log ==============================

Locked